CVE-2024-12967 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php fln_update fname/lname sql injection

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. Affected is the function fln_update of the file /_parse/_all_edits.php. The manipulation of the argument fname/lname leads to sql injection.

This vulnerability is traded as CVE-2024-12967. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12967 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php fln_update fname/lname sql injection

Related Posts

CVE-2024-6020 | Fetch Designs Sign-up Sheets Plugin up to 2.2.12 on WordPress REQUEST_URI cross site scripting

CVE-2024-2017 | Countdown, Coming Soon, Maintenance Plugin up to 2.7.8 on WordPress code injection

CVE-2024-2754 | SourceCodester Complete E-Commerce Site 1.0 /admin/users_photo.php photo unrestricted upload

CVE-2024-21325 | Microsoft Printer Metadata Troubleshooter Tool Local Privilege Escalation