SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote malicious users to execute arbitrary SQL commands via the filter parameter.
# Exploit Title: Sphider 136 or later SQL Injection
# Google Dork: intitle:"Sphider Admin Login"
# Date: 1 July 2014
# Exploit Author: Mike Manzotti
# Vendor Homepage: wwwsphidereu/
# Software Link: wwwsphidereu/sphider-136zip
# Version: v 136
Description:
The web application is vulnerable to SQLi Once a website has been ...