CVE-2021-28419

March 23, 2021

The “order_col” parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.

Summary:

The “order_col” parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.

Reference Links(if available):

  • https://github.com/seopanel/Seo-Panel/issues/209

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    CISA Logo

    CISA: CISA Releases Eight Industrial Control Systems Advisories

    April 25, 2024
    alerts

    Active Exploitation of Vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Products.

    April 25, 2024
    image

    CACTUS Ransomware Victim: https://www[.]ghimli[.]com /

    April 25, 2024
    hkcert

    Cisco Products Multiple Vulnerabilities

    April 25, 2024
    HIBP Banner 1

    T2 – 94,584 breached accounts

    April 25, 2024