Caregiver Script 2.57 SQL Injection

Posted on 31 January 2017

Exploit Title: Caregiver Script v2.57 a SQL Injection Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/caregiver-script/ Exploit Author: Kaan KAMIS Contact: iletisim[at]k2an[dot]com Website: http://k2an.com Category: Web Application Exploits Overview Caregiver Script 2.51 is the best solution to launch a portal for hiring people for babysitting and other care giving services in a hassle free manner. Type of vulnerability: An SQL Injection vulnerability in Caregiver Script allows attackers to read arbitrary administrator data from the database. Vulnerable Url: http://locahost/searchJob.php?sitterService=1[payload] Vulnerable parameter : sitterService Mehod : GET

TOP

Malware :

Backdoor:Win32/Heloag.A
Exploit:Win32/CVE-2011-3402
Trojan:Win32/Obfac
Exploit:Win32/Pdfjsc.YP
TrojanDownloader:Win32/Bofang.B

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20