This Metasploit module exploits a vulnerability found in SePortal version 2.5. When logging in as any non-admin user, it's possible to retrieve the admin session from the database through SQL injection. The SQL injection vulnerability exists in the "staticpages.php" page. This hash can be used to take over the admin user session. After logging in, the "/admin/downloads.php" page will be used to upload arbitrary code.
523ae89437abd95ee2b8adbfe4b6eb79e71f45e8218d4bcec51f35af6aab99d6SePortal version 2.5 suffers from a remote SQL injection vulnerability in the sp_id variable of staticpages.php. This version has already had known SQL injection vulnerabilities noted in 2011.
8f4257a80f761be925bfdf6c5c86b1aa0a890871ff237d0be07eb7a35351f1e2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed