Netartmedia Jobs Portal SQL Injection Vulnerability

A SQL injection vulnerability has been identified in Netartmedia Jobs Portal version 6.1. This vulnerability allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Exploitation involves sending POST requests to loginaction.php with crafted SQL payloads in the Email field, potentially leading to the extraction of sensitive database information or bypassing authentication.

Impact

Exploitation of this vulnerability allows for SQL injection, enabling attackers to manipulate database queries, extract sensitive information, or bypass authentication.

Reproduction

To reproduce this vulnerability, send a POST request to loginaction.php with a crafted SQL payload in the Email parameter. The payload can be designed to exploit SQL injection vulnerabilities, such as by using SQL syntax to manipulate the query execution or extract database information.