This exploit describes an authentication bypass vulnerability in the 5star_rating software version 1.0. It leverages a SQL injection technique to bypass the login mechanism by entering 'admin 'or' 1=1' as the username and leaving the password field empty.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:5star_rating 1.0
No auth needed
Prerequisites:access to the target web application