Taifajobs SQL Injection Vulnerability Network Vulnerability

Summary

This host is running Taifajobs. Taifajobs (Job Recruitment System) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Taifajobs 1.0 is vulnerable other versions may also be affected. See http://www.securityfocus.com/bid/33864/ and http://sourceforge.net/projects/taifajobs/ for further informations.

Impact

Successful exploitation allows attacker retrieving users email,loginname and md5 hash password.

Severity

Classification

CVE CVE-2009-0727

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ALCASAR Remote Code Execution Vulnerability
Adobe ColdFusion Directory Traversal Vulnerability
b2ePMS Multiple SQL Injection Vulnerabilities
Advantech WebAccess Multiple Vulnerabilities
Artmedic Kleinanzeigen File Inclusion Vulnerability

Take action and discover your vulnerabilities