CVE-2025-12928 | code-projects Online Job Search Engine 1.0 /login.php username/phone sql injection

Inserito da Angelo Barbosa | Nov 9, 2025 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in sql injection.

This vulnerability is reported as CVE-2025-12928. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2025-12928 | code-projects Online Job Search Engine 1.0 /login.php username/phone sql injection

Post correlati

CVE-2025-11910 | Shenzhen Ruiming Technology Streamax Crocus 1.3.40 MemoryState.do?Action=Query query orderField sql injection

CVE-2023-7104 | SQLite SQLite3 up to 3.43.0 make alltest sqlite3session.c sessionReadRecord heap-based overflow

CVE-2023-23882 | Brainstorm Force Ultimate Addons for Beaver Builder Lite Plugin up to 1.5.5 on WordPress authorization

CVE-2023-6970 | WP Recipe Maker Plugin up to 9.1.0 on WordPress Referer cross site scripting