CVE-2024-12963 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php add_xp job_company sql injection

Inserito da Angelo Barbosa | Dic 26, 2024 | CVE

A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this issue is the function add_xp of the file /_parse/_all_edits.php. The manipulation of the argument job_company leads to sql injection.

This vulnerability is handled as CVE-2024-12963. The attack may be launched remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2024-12963 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php add_xp job_company sql injection

Post correlati

CVE-2024-29435 | Alldata 0.4.6 processId command injection

CVE-2024-49648 | rafasashi SVG Captcha Plugin up to 1.0.11 on WordPress cross site scripting

CVE-2024-39817 | Cybozu Office up to 10.8.6 Search information disclosure

CVE-2024-7677 | SourceCodester Car Driving School Management System 1.0 SystemSettings.php update_settings_info contact/address cross site scripting