CVE-2007-4359 Information

Description

Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.

Reference

http://osvdb.org/36416 http://secunia.com/advisories/26440 http://securityreason.com/securityalert/3013 http://www.securityfocus.com/archive/1/476282/100/0/threaded http://www.securityfocus.com/bid/25296 https://exchange.xforce.ibmcloud.com/vulnerabilities/36052