CVE-2024-12966 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php cn_update cname/url sql injection

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as critical. This issue affects the function cn_update of the file /_parse/_all_edits.php. The manipulation of the argument cname/url leads to sql injection.

The identification of this vulnerability is CVE-2024-12966. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-12966 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php cn_update cname/url sql injection

Related Posts

CVE-2024-35579 | Tenda AX1806 1.0.0.1 formSetIptv iptv.city.vlan stack-based overflow

CVE-2024-34670 | Samsung Sound Assistant up to 6.1.0.8 implicit intent

CVE-2022-48939 | Linux Kernel up to 5.10.102/5.15.25/5.16.11 bpf generic_map_delete_batch infinite loop

CVE-2024-31814 | Totolink EX200 up to 4.0.3c.7646_B20201211 Form_Login improper authentication