CVE-2008-2915

Preprojects Pre Job Board - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by JosS · textwebappsphp

https://www.exploit-db.com/exploits/5809

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/30684

[Exploit] http://www.securityfocus.com/bid/29717

[Exploit] http://www.spanish-hackers.com/vuln/joss-42.txt

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43094

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5809

Scores

EPSS 0.0051

EPSS Percentile 66.0%

Classification

CWE

CWE-89

Status draft

Affected Products (1)

preprojects/pre_job_board

Timeline

Published Jun 30, 2008

Tracked Since Feb 18, 2026