Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title: DMXready Polling Booth Manager SQLi Vulnerability
Vendor url:http://www.dmxready.com
Version:1
Price:79$
Published: 2010-09-6
GThanx to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, Sonic Bluehat,
Sai, KD, M4n0j, The_Exploited, SeeMe, gunslinger_, Th3 RDX.
Greetz to : Inj3ct0r Exploit DataBase (inj3ct0r.com) , 0xr00t.com , members
and my friends :) etc....
Special Greetz: Topsecure.net, inj3ct0r Team ,Andhrahackers.com
Shoutzz:- To all ICW & Inj3ct0r members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:
 
DMXReady Polling Booth Manager is a quick and fun way to make your website
more interactive:
 
    * Change your poll daily, weekly, monthly -- whenever you like!
    * Find out what people think of you and your services, or post it just
for fun
    * Auto-archive old polls and results
    * Add multiple answer selections
    * Allow visitors to view results directly from the poll page
    * Doesn't allow visitors from voting more than once
    * Add images, question, and optional description of the poll
    * Add, edit, delete, or deactiviate any poll through one Admin page
    * Fully customizable - change the layout to match your website design
 
DMXReady Polling Booth Manager keeps all your web content fresh, and is a
great way to find out what your visitors think!
 
 
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
 
Vulnerability:
 
*SQL Vulnerability
 
DEMO URL:
 
http://server/inc_pollingboothmanager.asp?view=results&QuestionID=[sqli]
 
 
# 0day n0 m0re #
# L0rd CrusAd3r #
 
-- 
With R3gards,
L0rd CrusAd3r