Jobvite vulnerable to Boolean SQLi and LFI


Mohamed M. Fouad, an independent security researcher from Egypt, has found SQL injection and Local File Inclusion (LFI) vulnerabilities on the famous social recruiting website Jobvite.

Jobvite is a social recruiting and applicant tracking platform created for companies with the highest expectations of candidate quality and recruiting technology. The hacker found SQLi and LFI vulnerabilities that enabled him to take over the database and disclose Linux users.

According to the researcher, he reported these critical security vulnerabilities 3 months ago, but they didn't fix anything. So he decided to write about this great finding, which was one of the best security vulnerabilities he has ever discovered.

While investigating vulnerabilities in Odesk (the famous freelancer jobs website), I found an iframe loaded from Jobvite, and it was so interesting to me that I switched my pen test to the Jobvite website. After a lot of hard-working hours investigating, I found a Boolean SQLi in the “cat” parameter in the below URL. As everyone knows about Boolean SQLi, this kind of SQL injection asks the database true or false questions and determines the answer based on the application's response. After I tried a lot of these tricks, I found that the “cat” parameter is vulnerable. This makes exploiting the SQL injection vulnerability more difficult, but not impossible. So I opened sqlmap and executed the below command. I already got the databases available on the “Jobvite” website, so I tried to get the information schema of the database, and I succeeded with the second command below. Then I tried to get tables, columns and data.

So after this great finding, I decided to never stop looking for more critical vulnerabilities at Jobvite. After another hard-working few hours, I found an LFI vulnerability that allowed me to view all their existing Linux user accounts.
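The following is an added example, not part of the researcher's write-up and not Jobvite's code. It shows why a concatenated numeric parameter such as “cat” gives the true/false response difference described above, and how type validation plus a bound parameter removes it. The schema, function names and sample rows are assumptions constructed for illustration.

```python
import sqlite3

# Constructed sample data; table, column and function names are hypothetical.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE jobs (id INTEGER PRIMARY KEY, cat INTEGER, title TEXT)")
    db.executemany("INSERT INTO jobs (cat, title) VALUES (?, ?)",
                   [(1, "Backend Engineer"), (1, "SRE"), (2, "Recruiter")])
    return db

def list_jobs_vulnerable(db, cat):
    # Deliberately flawed: the request parameter is concatenated into the SQL
    # text, so anything after the number is parsed as part of the WHERE clause.
    sql = "SELECT title FROM jobs WHERE cat = " + cat + " ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def list_jobs_hardened(db, cat):
    # Validate the expected type first, then bind the value as a parameter so
    # the driver never interprets it as SQL syntax.
    if not (cat.isascii() and cat.isdigit()):
        raise ValueError("cat must be a numeric id")
    sql = "SELECT title FROM jobs WHERE cat = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (int(cat),))]

def response_differs(handler, db, true_input, false_input):
    # The boolean side channel exists when a true and a false predicate
    # appended to the same id yield observably different responses.
    def render(value):
        try:
            return ("ok", tuple(handler(db, value)))
        except ValueError:
            return ("rejected", ())
    return render(true_input) != render(false_input)

if __name__ == "__main__":
    db = make_db()
    probes = ("1 AND 1=1", "1 AND 1=2")
    print("vulnerable leaks a boolean:",
          response_differs(list_jobs_vulnerable, db, *probes))
    print("hardened leaks a boolean:  ",
          response_differs(list_jobs_hardened, db, *probes))
```

The same comparison can serve as a regression test for any handler that takes a numeric id: the response to the two inputs must be identical.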

The security researcher Mohamed M. Fouad has received acknowledgements from many of the top technology websites, such as Microsoft, Oracle, Yahoo, eBay, Sony, AT&T, Huawei, DropCam, Bitcasa, Get Pocket, Splitwise etc.

Video demonstration URL of the vulnerabilities found:
