VULHUB ™

dartool is a Perl script to search the Dice.com job database for duplicate job entries. It enters the URLs of job entries into a MySQL database and checks for duplicates and then displays the results of the search. dartool is prone to SQL injection attacks. A remote attacker could potentially supply a malicious value, in this case the URL of a job entry, which is capable of modifying the logic of an existing SQL query. The result of successful exploitation is that an attacker can execute commands on the database of a dartool user. There is a possibility that this may be used to exploit existing vulnerabilities in the underlying database.

dartool is a Perl script to search the Dice.com job database for duplicate job entries. It enters the URLs of job entries into a MySQL database and checks for duplicates and then displays the results of the search. dartool is prone to SQL injection attacks. A remote attacker could potentially supply a malicious value, in this case the URL of a job entry, which is capable of modifying the logic of an existing SQL query. The result of successful exploitation is that an attacker can execute commands on the database of a dartool user. There is a possibility that this may be used to exploit existing vulnerabilities in the underlying database.