CVE-2011-1557

ICloudCenter ICJobSite <1.1 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-1557. PoCs published by RoAd_KiLlEr.

AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in ICJobSite 1.1, where the 'pid' parameter in the 'position_details' page is not properly sanitized. This allows attackers to manipulate SQL queries, potentially leading to unauthorized data access or modification.

Description

SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED

by RoAd_KiLlEr · textwebappsphp

https://www.exploit-db.com/exploits/35547

View Code ZIP pw:eip

The provided text describes an SQL injection vulnerability in ICJobSite 1.1, where the 'pid' parameter in the 'position_details' page is not properly sanitized. This allows attackers to manipulate SQL queries, potentially leading to unauthorized data access or modification.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: ICJobSite 1.1

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/47100

Scores

EPSS 0.0090

EPSS Percentile 55.0%

Details

CWE

CWE-89

Status published

Products (1)

icloudcenter/icjobsite 1.1

Published Apr 04, 2011

Tracked Since Feb 18, 2026