Phpgurukul

Job Portal

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2024-8472

  • EPSS 0.19%
  • Veröffentlicht 05.09.2024 13:15:15
  • Zuletzt bearbeitet 06.09.2024 11:44:34

Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through multiple parameters in ...

6.1

CVE-2024-8473

  • EPSS 0.21%
  • Veröffentlicht 05.09.2024 13:15:15
  • Zuletzt bearbeitet 06.09.2024 11:44:45

Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through user_email parameter in...

7.5

CVE-2024-8469

  • EPSS 0.12%
  • Veröffentlicht 05.09.2024 13:15:14
  • Zuletzt bearbeitet 06.09.2024 11:43:36

SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/employee/index.php, and retrieve all the information stored in it.

7.5

CVE-2024-8470

  • EPSS 0.12%
  • Veröffentlicht 05.09.2024 13:15:14
  • Zuletzt bearbeitet 06.09.2024 11:44:04

SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/vacancy/controller.php, and retrieve all the information stored in it.

6.1

CVE-2024-8471

  • EPSS 0.19%
  • Veröffentlicht 05.09.2024 13:15:14
  • Zuletzt bearbeitet 06.09.2024 11:44:22

Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through JOBID and USERNAME para...

7.5

CVE-2024-8465

  • EPSS 0.12%
  • Veröffentlicht 05.09.2024 13:15:13
  • Zuletzt bearbeitet 06.09.2024 11:16:51

SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it.

7.5

CVE-2024-8466

  • EPSS 0.12%
  • Veröffentlicht 05.09.2024 13:15:13
  • Zuletzt bearbeitet 06.09.2024 11:24:34

SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it.

7.5

CVE-2024-8467

  • EPSS 0.12%
  • Veröffentlicht 05.09.2024 13:15:13
  • Zuletzt bearbeitet 06.09.2024 11:42:38

SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it.

7.5

CVE-2024-8468

  • EPSS 0.12%
  • Veröffentlicht 05.09.2024 13:15:13
  • Zuletzt bearbeitet 06.09.2024 11:43:10

SQL injection vulnerability, by which an attacker could send a specially designed query through search parameter in /jobportal/index.php, and retrieve all the information stored in it.

8.8

CVE-2024-8463

  • EPSS 0.11%
  • Veröffentlicht 05.09.2024 13:15:12
  • Zuletzt bearbeitet 12.09.2024 17:15:02

File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.