########################################## [~] Exploit Title: Auxilium PetRatePro Multiple Vulnerabilities [~] Date: 14/09/2012 [~] Author: DaOne (@LibyanCA) [~] Software Link: http://www.auxiliumsoftware.com [~] Google Dork: "N/A" ########################################## [#] 1-[Remote Add Admin]:
(Create New Administrator) Username Password Name Email Address
[#] 2-[SQL Injection] viewcomments.php parameter phid http://localhost/PetRatePro/viewcomments.php?phid=[SQLi] [#] 3-[Remote File Upload] Go to: http://localhost/PetRatePro/admin/sitebanners/upload_banners.php and upload your Shell... will find files here ... /PetRatePro/banners/shell.php ########################################## [*] Contact me www.facebook.com/DaOne.Ly ##########################################