SePortal version 2.5 suffers from a remote SQL injection vulnerability.
dea9743f95ed23a9a24fa1697fd0934e16e1afa180ab42f7f2fd042cad1739ae
############################################################################
# Exploit Title: SePortal 2.5 SQL Injection
# Google Dork: Powered by SePortal 2.5
# Date: Decembar/08/2011
# Author: Don (BalcanCrew & BalcanHack)
# Software Link: http://seportal.org
# Version: 2.5
# Tested on: LiteSpeed
############################################################################
Vulnerability:
http://server/redirect.php?action=banner&goto= (SQL)
How to fix this vulnerability:
Filter metacharacters from user input.
~Don 2011