SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka Poll) 1.0 and 1.01 allows remote attackers to execute arbitrary SQL commands via the username parameter.