K-Rate SQL Injection Vulnerability

2009-12-30T00:00:00
ID EDB-ID:10824
Type exploitdb
Reporter e.wiZz
Modified 2009-12-30T00:00:00

Description

K-Rate SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            K-Rate SQL Injection Vulnerability


By: e.wiZz!


#### Script site:http://turn-k.net/k-rate


In the wild...

#####################################


####Vulnerability:

SQL Injection in view.php,variable username.
Anyway, all sites i saw which are powered by this script are hosted on Apache,and have
a mod_rewrite enabled,so you need to try this:

http://inthewild/view/admi'n.html

You need to add .html at the end.