The vulnerability, leaked to iTnews over the weekend and verified by IT security consultants, is due to a flaw in the Integard internet filtering software developed by Brisbane's Race River Corporation.
A source claimed to iTnews that Integard can be reverse-engineered with a hex editor to reveal material the software is designed to keep secret.
iTnews asked three IT security specialists for their opinions.
They all refused to go on the record but they said the list of banned URLs is exposed in a process that takes about 30 seconds.
"Put it this way: it took longer to download Integard than to hack it," said a senior security researcher speaking on condition of anonymity.
iTnews has been asking Integard managing director John Hedges for comment since yesterday.
ISP's and content hosts in Australia are required by law to remove locally-hosted websites deemed by the Australian Communications and Media Authority to be illegal under Australian law.
Sites deemed illegal that are hosted overseas are added to a blacklist ACMA sends as regular updates to the manufacturers of client-based internet filters. These sites would potentially be blocked under the network-level mandatory ISP filtering scheme currently on trial.