CVE-2024-12967 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php fln_update fname/lname sql injection

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. Affected is the function fln_update of the file /_parse/_all_edits.php. The manipulation of the argument fname/lname leads to sql injection.

This vulnerability is traded as CVE-2024-12967. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12967 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php fln_update fname/lname sql injection

Related Posts

CVE-2024-4081 | NI LabVIEW up to 24.1 VI memory corruption

CVE-2023-22656 | Intel Media SDK/oneVPL prior 23.3.5 out-of-bounds (intel-sa-00935)

CVE-2024-4730 | Campcodes Legal Case Management System 1.0 /admin/judge judge_name cross site scripting

CVE-2024-2756 | PHP up to 8.1.27/8.2.17/8.3.4 Cookie input validation