17 lines
545 B
Text
Executable file
17 lines
545 B
Text
Executable file
############################################################################
|
|
# Exploit Title: SePortal 2.5 SQL Injection
|
|
# Google Dork: Powered by SePortal 2.5
|
|
# Date: Decembar/08/2011
|
|
# Author: Don (BalcanCrew & BalcanHack)
|
|
# Software Link: http://seportal.org
|
|
# Version: 2.5
|
|
# Tested on: LiteSpeed
|
|
############################################################################
|
|
|
|
Vulnerability:
|
|
http://server/redirect.php?action=banner&goto= (SQL)
|
|
|
|
How to fix this vulnerability:
|
|
Filter metacharacters from user input.
|
|
|
|
~Don 2011
|