CVE-2020-8645

2020-02-0623:50:22

mitre

www.cve.org

10 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.6%

JSON

An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is job_id. The function is getJobApplicationsByJobId(). The file is _lib/class.JobApplication.php.

References

github.com/niteosoft/simplejobscript/issues/9