SePortal 2.5 - SQL Injection Vulnerabilty

No description provided by source. Exploit: SePortal 2.5 Sql Injection Vulnerabilty Author: jsass Date : 19\03\2014 Contact Twitter: @Kwsecurity Script: http://www.seportal.org/ version: 2.5 Tested on: Linux Ubuntu 12.4 & Windows 7 Dork : Powered by SePortal 2.5 // Searching And Analysis By Kuwai...

SePortal SQLi - Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...

SePortal 2.5 - SQL Injection

No description provided by source. Exploit Title: SePortal 2.5 SQL Injection Google Dork: Powered by SePortal 2.5 Date: Decembar/08/2011 Author: Don BalcanCrew & BalcanHack Software Link: http://seportal.org Version: 2.5 Tested on: LiteSpeed Vulnerability:...

SePortal staticpages SQL Injection (CVE-2008-5191)

An SQL injection vulnerability has been reported in SePortal. A remote attacker may exploit this issue by executing arbitrary SQL commands via the pollid parameter to pool.php and the spid parameter to staticpages.php. Successful exploitation could cause an SQL statement execution on the server,...

SePortal 2.4 /poll.php SQL注入漏洞

No description provided by source...

SePortal 2.4 /staticpages.php SQL注入漏洞

No description provided by source...

SePortal 2.5 - SQL Injection / Remote Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "SePortal SQLi Remote Code Execution", 'Description' = %q This module exploits a vulnerability found in SePortal version 2.5. When...

SePortal 2.5 SQL Injection / Remote Code Execution Exploit

This Metasploit module exploits a vulnerability found in SePortal version 2.5. When logging in as any non-admin user, it's possible to retrieve the admin session from the database through SQL injection. The SQL injection vulnerability exists in the "staticpages.php" page. This hash can be used to...

SePortal 2.5 SQL Injection / Remote Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "SePortal SQLi Remote Code Execution", 'Description' = %q This module exploits a vulnerability found in SePortal version 2.5. When...

SePortal 'sp_id'参数SQL注入漏洞

Bugtraq ID:66315 SePortal是一款基于WEB的应用。 SePortal staticpages.php脚本不正确过滤'spid'参数数据，允许远程攻击者利用漏洞提交特制的SQL查询，操作或获取数据库数据。 0 SePortal 2.5 目前没有详细解决方案提供： http://www.seportal.org/ http://www.example.com/staticpages.php?spid=SQL...

SePortal SQLi Remote Code Execution

This module exploits a vulnerability found in SePortal version 2.5. When logging in as any non-admin user, it's possible to retrieve the admin session from the database through SQL injection. The SQL injection vulnerability exists in the "staticpages.php" page. This hash can be used to take over...

SePortal 2.5 SQL Injection

Exploit: SePortal 2.5 Sql Injection Vulnerabilty Author: jsass Date : 19\03\2014 Contact Twitter: @Kwsecurity Script: http://www.seportal.org/ version: 2.5 Tested on: Linux Ubuntu 12.4 & Windows 7 Dork : "Powered by SePortal 2.5" // Searching And Analysis By Kuwaity Crew \ SQL INJECTION...

SePortal 2.5 - SQL Injection (2)

SePortal 2.5 - SQL Injection 2 Exploit: SePortal 2.5 Sql Injection Vulnerabilty Author: jsass Date : 19\03\2014 Contact Twitter: @Kwsecurity Script: http://www.seportal.org/ version: 2.5 Tested on: Linux Ubuntu 12.4 & Windows 7 Dork : "Powered by SePortal 2.5" // Searching And Analysis By Kuwaity...

SePortal 2.5 - SQL Injection Vulnerabilty

Exploit for php platform in category remote exploits SQL INJECTION Vulnerabilty code : $maintemplate = 'staticpages'; define'GETCACHES', 1; define'ROOTPATH', './'; define'GETUSERONLINE', 1; define'GETSTATSBOX', 1; includeROOTPATH.'global.php'; requireROOTPATH.'includes/sessions.php'; $sql = "SELE...

Seportal 2.5 SQLi

SQL injection in staticpages.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

SePortal 2.5 - SQL Injection (2)

Exploit: SePortal 2.5 Sql Injection Vulnerabilty Author: jsass Date : 19\03\2014 Contact Twitter: @Kwsecurity Script: http://www.seportal.org/ version: 2.5 Tested on: Linux Ubuntu 12.4 & Windows 7 Dork : "Powered by SePortal 2.5" // Searching And Analysis By Kuwaity Crew \ SQL INJECTION...

SePortal 2.5 CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: SePortal 2.5 CSRF Vulnerability Author: DaOne LCA Date: 19/8/2012 Software Link: http://www.seportal.org CSRF Add Admin 0day.today 2018-01-10...

Seportal SQLi

Blind SQL injection in redirect.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

SePortal 2.5 - SQL Injection (1)

SePortal 2.5 - SQL Injection 1 Exploit Title: SePortal 2.5 SQL Injection Google Dork: Powered by SePortal 2.5 Date: Decembar/08/2011 Author: Don BalcanCrew & BalcanHack Software Link: http://seportal.org Version: 2.5 Tested on: LiteSpeed Vulnerability: http://server/redirect.php?action=banner&got...

SePortal 2.5 SQL Injection

Exploit Title: SePortal 2.5 SQL Injection Google Dork: Powered by SePortal 2.5 Date: Decembar/08/2011 Author: Don BalcanCrew & BalcanHack Software Link: http://seportal.org Version: 2.5 Tested on: LiteSpeed Vulnerability: http://server/redirect.php?action=banner&goto= SQL How to fix this...