CVE-2008-5191

SePortal 2.4 - SQL Injection via poll_id or sp_id Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2008-5191. PoCs published by Metasploit, jsass, Mr.SQL, including Metasploit module exploits/unix/webapp/seportal_sqli_exec.

AI-analyzed exploit summary This Metasploit module exploits a SQL injection vulnerability in SePortal 2.5 to retrieve the admin session ID and upload arbitrary PHP code for remote code execution.

Description

Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotephp
https://www.exploit-db.com/exploits/32621

This Metasploit module exploits a SQL injection vulnerability in SePortal 2.5 to retrieve the admin session ID and upload arbitrary PHP code for remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SePortal 2.5
Auth required
Prerequisites: Valid non-admin user credentials · Access to the SePortal login page
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by jsass · textremotephp
https://www.exploit-db.com/exploits/32359

This is a writeup describing a SQL injection vulnerability in SePortal 2.5. It provides details on vulnerable parameters and example exploit URLs but does not include functional exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: SePortal 2.5
No auth needed
Prerequisites: Access to the vulnerable SePortal instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Mr.SQL · textwebappsphp
https://www.exploit-db.com/exploits/5960

This exploit demonstrates a SQL injection vulnerability in SePortal V2.4 via the 'poll_id' and 'sp_id' parameters. It allows an attacker to extract user credentials from the database using a UNION-based SQL injection technique.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: SePortal V2.4
No auth needed
Prerequisites: Access to the target application's poll.php or staticpages.php endpoints
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by jsass · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/seportal_sqli_exec.rb

This Metasploit module exploits a SQL injection vulnerability in SePortal 2.5 to retrieve an admin session ID, then uploads a malicious PHP payload to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SePortal 2.5
Auth required
Prerequisites: Valid non-admin credentials · Access to the login and staticpages.php endpoints
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30865
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/29996
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/66315
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43450
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5960
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4623

Scores

EPSS 0.1758
EPSS Percentile 96.8%

Details

CWE
CWE-89
Status published
Products (1)
seportal/seportal 2.4
Published Nov 21, 2008
Tracked Since Feb 18, 2026