| Titel | Caregiver Script v2.51 |
|---|
| Beschreibung | Introduction
Exploit Title: Caregiver Script v2.51 – SQL Injection
Date: 30.01.2017
Vendor Homepage: http://itechscripts.com/
Software Link: http://itechscripts.com/caregiver-script/
Exploit Author: Kaan KAMIS
Contact: iletisim[at]k2an[dot]com
Website: http://k2an.com
Category: Web Application Exploits
Overview
Caregiver Script 2.51 is the best solution to launch a portal for hiring people for babysitting and other care giving services in a hassle free manner.
Type of vulnerability:
An SQL Injection vulnerability in Caregiver Script allows attackers to read
arbitrary administrator data from the database.
Vulnerable Url:
http://locahost/searchJob.php?sitterService=1[payload]
Vulnerable parameter : sitterService
Mehod : GET |
|---|
| Benutzer | KAAN KAMIS (UID 213) |
|---|
| Einreichung | 30.01.2017 12:01 (vor 9 Jahren) |
|---|
| Moderieren | 30.01.2017 15:51 (4 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 96260 [Caregiver Script 2.51 /searchJob.php sitterService SQL Injection] |
|---|
| Punkte | 17 |
|---|