CVE-2007-4359

EPSS 1.1%

Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/30492unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/36416 http://secunia.com/advisories/26440 http://securityreason.com/securityalert/3013 https://exchange.xforce.ibmcloud.com/vulnerabilities/36052 http://www.securityfocus.com/archive/1/476282/100/0/threaded http://www.securityfocus.com/bid/25296