Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-32018 PoC — Complete Online Job Search System SQL注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-32018.yaml
Associated Vulnerability
Title:Complete Online Job Search System SQL注入漏洞 (CVE-2022-32018)
Description:Complete Online Job Search System是一个在线求职系统。 Complete Online Job Search System v1.0 存在安全漏洞,攻击者利用该漏洞可通过/eris/index.php?q=hiring&search=进行SQL注入攻击。
Description
Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=hiring&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
File Snapshot

 id: CVE-2022-32018

info:
  name: Complete Online Job Search System 1.0 - SQL Injection
  author: ar

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.