SePortal 2.5 – SQL Injection (1)

• Exploit Database
• 108 阅读

• 作者： Don
  日期： 2011-12-09
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/18222/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

  ############################################################################ # Exploit Title: SePortal 2.5 SQL Injection # Google Dork: Powered by SePortal 2.5 # Date: Decembar/08/2011 # Author: Don (BalcanCrew & BalcanHack) # Software Link: http://seportal.org # Version: 2.5 # Tested on: LiteSpeed ############################################################################   Vulnerability: http://server/redirect.php?action=banner&goto= (SQL)   How to fix this vulnerability: Filter metacharacters from user input.   ~Don 2011