← back
CVE-2021-28419

CVE-2021-28419

EPSS 10.7%
The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/162322/SEO-Panel-4.8.0-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/49804unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/162322/SEO-Panel-4.8.0-SQL-Injection.htmlhttps://github.com/seopanel/Seo-Panel/issues/209