SePortal has 2 very important security vulnerabilities. They need to be fixed urgently.
SePortal 'poll.php' SQL Injection Vulnerability
SePortal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
SePortal 2.4 is vulnerable; other versions may also be affected.
An attacker can exploit this issue through a web browser.
The following example URI is available.
http://www.example.com/poll.php?poll_id=1'+union+select+1,convert(concat_ws(0x3a3a,user_name,user_password)+using+latin1),1,1,1,1,1,1,1,1+from+seportal_users+limit+1,1/*
Some vulnerabilities have been reported in SePortal, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed to the "poll_id" parameter in poll.php and to the "sp_id" parameter in staticpages.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerabilities are reported in version 2.4. Other versions may also be affected.
Solution
Edit the source code to ensure that input is properly sanitised.
Please, let's close these vulnerabilities as soon as possible!!!
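One way to do the sanitisation the Solution asks for, shown for an id parameter such as "poll_id" or "sp_id". This is an added example, not SePortal's code and not part of the original post. The table `demo_polls`, the column `poll_title` and the functions `parse_id` and `fetch_poll` are hypothetical, and an in-memory SQLite database stands in for the real one.

```php
<?php
// Added example, not SePortal code. Table, column and function names are hypothetical.

/** Accept only a positive decimal integer id; return null for anything else. */
function parse_id($raw): ?int
{
    if (!is_string($raw)) {          // arrays (poll_id[]=1) and missing values
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Fetch one poll row using a bound parameter, never string concatenation. */
function fetch_poll(PDO $db, $rawId): ?array
{
    $id = parse_id($rawId);
    if ($id === null) {
        return null;                 // caller should answer with 400 or 404
    }
    $stmt = $db->prepare('SELECT poll_id, poll_title FROM demo_polls WHERE poll_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed in-memory database so the example runs offline.
// With pdo_mysql, also set PDO::ATTR_EMULATE_PREPARES to false.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE demo_polls (poll_id INTEGER PRIMARY KEY, poll_title TEXT)');
$db->exec("INSERT INTO demo_polls VALUES (1, 'Favourite feature?')");

// Constructed inputs as they would arrive in $_GET['poll_id'].
foreach (['1', '2', "1' union select 1", '', ['1']] as $input) {
    $row = fetch_poll($db, $input);
    echo json_encode($input), ' => ',
        $row ? $row['poll_title'] : 'rejected or not found', PHP_EOL;
}
```

Only the first input returns a row; the quoted string, the empty string and the array are rejected before any query is built, and the valid but unknown id 2 simply finds nothing.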