CVE-2014-5082

# Exploit Title: Sphider 136 or later SQL Injection # Google Dork: intitle:"Sphider Admin Login" # Date: 1 July 2014 # Exploit Author: Mike Manzotti # Vendor Homepage: wwwsphidereu/ # Software Link: wwwsphidereu/sphider-136zip # Version: v 136 Description: The web application is vulnerable to SQLi Once a website has been ...

# Exploit Title: Sphider Search Engine - Multiple Vulnerabilities # Google Dork: ext:php intext:sphider inurl:searchphp # Date: 6/20/2014 # Exploit Author: Shayan Sadigh (twittercom/r1pplex) | <ienjoyripples@gmailcom> # Vendor Homepage: wwwsphidereu/ # Version: Sphider < 136 | Sphider Pro/Plus as well # Tested on: Linux &amp ...

Sphider versions prior to 136 suffer from remote command execution and remote SQL injection vulnerabilities ...