# Title : SePortal 2.5 SQL Injection
# Published : 2011-12-09
############################################################################
# Exploit Title: SePortal 2.5 SQL Injection
# Google Dork: Powered by SePortal 2.5
# Date: December/08/2011
# Author: Don (BalcanCrew & BalcanHack)
# Software Link: http://seportal.org
# Version: 2.5
# Tested on: LiteSpeed
############################################################################
Vulnerability:
http://server/redirect.php?action=banner&goto= (SQL injection in the goto parameter)
How to fix this vulnerability:
Filter metacharacters from user input.
~Don 2011
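
Added example (not part of the original advisory and not SePortal source code): one way to apply the fix above to a handler like redirect.php, combining allow-list validation of goto with a bound query parameter instead of stripping individual metacharacters. The banners table, its columns, the function name and the assumption that goto is a numeric banner id are hypothetical; the demo needs the pdo_sqlite extension.

```php
<?php
// Added example, not SePortal source. The banners table, its columns and the
// assumption that `goto` carries a numeric banner id are all hypothetical.
declare(strict_types=1);

/**
 * Resolve the redirect target for a banner id taken from the query string.
 * Returns the stored URL, or null when the input is rejected or unknown.
 */
function resolve_banner_target(PDO $db, string $goto): ?string
{
    // Allow-list validation: 1 to 9 ASCII digits only. Quotes, spaces,
    // comment markers and every other SQL metacharacter fail this check.
    if (preg_match('/\A[0-9]{1,9}\z/', $goto) !== 1) {
        return null;
    }

    // Bound parameter: the value travels separately from the SQL text, so
    // it can never be parsed as part of the statement.
    $stmt = $db->prepare('SELECT url FROM banners WHERE id = :id');
    $stmt->bindValue(':id', (int) $goto, PDO::PARAM_INT);
    $stmt->execute();

    $url = $stmt->fetchColumn();
    return $url === false ? null : (string) $url;
}

// Constructed test data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE banners (id INTEGER PRIMARY KEY, url TEXT NOT NULL)');
$db->exec("INSERT INTO banners (id, url) VALUES (1, 'https://example.com/a')");

// Constructed inputs: one valid id, one unknown id, three malformed values.
foreach (['1', '42', "1'", '1 ', ''] as $goto) {
    $target = resolve_banner_target($db, $goto);
    printf("goto=%-4s => %s\n", var_export($goto, true),
        $target ?? 'no redirect (respond with 400/404)');
}
```

Rejected values never reach the database, which also makes them easy to count in application logs as a signal of probing against this parameter.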