EUVD-2007-4342

Malware in sbrugna...

SkilMatch Systems JobLister3 Index.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25296/info JobLister3 is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

CVE-2007-4359

Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via 1 the search form or 2 the jobid parameter to index.php in a showbyID action...

Sql injection

Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via 1 the search form or 2 the jobid parameter to index.php in a showbyID action...

CVE-2007-4359

Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via 1 the search form or 2 the jobid parameter to index.php in a showbyID action...

CVE-2007-4359

CVE-2007-4359 describes multiple SQL injection vulnerabilities in the SkilMatch Staffing Systems JobLister3. The vulnerabilities allow remote attackers to execute arbitrary SQL commands through (1) the search form or (2) the jobid parameter to index.php in a showbyID action. The information, draw...

SkilMatch Systems JobLister3 Index.PHP SQL注入漏洞

SkilMatch Systems JobLister3是一款基于PHP的WEB应用程序。 SkilMatch Systems JobLister3不正确过滤用户提交的URI输入，远程攻击者可以利用漏洞对SQL进行注入攻击，可获得敏感信息。 问题是脚本'Index.PHP'对用户提交的'jobid'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息。 SkilMatch Systems JobLister3 目前没有解决方案提供： http://www.skilmatch.com/...

joblister-sql.txt

JobLister3 by SkilMatch Staffing Systems, Inc. Multiple SQL injection vulnerabilities http://www.dubdubdub.com/ http://www.skilmatch.com/ The search form filed doesnt strip special characters that have special meanings. A single quote makes the application spit out a number of errors. This is not...

JobLister3 SQL injection vulnerabilities

JobLister3 by SkilMatch Staffing Systems, Inc. Multiple SQL injection vulnerabilities http://www.dubdubdub.com/ http://www.skilmatch.com/ The search form filed doesnt strip special characters that have special meanings. A single quote makes the application spit out a number of errors. This is not...

SkilMatch Systems JobLister3 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/25296/info JobLister3 is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or...