CVE-2024-12968 code-projects Job Recruitment _all_edits.php edit_jobpost sql injection

A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. Affected by this vulnerability is the function editjobpost of the file /parse/alledits.php. The manipulation of the argument jobtype leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2024-12967

Code-Projects Job Recruitment 1.0 is affected by SQL injection in the fln_update function of /_parse/_all_edits.php via fname/lname. Remote exploitation is possible; public exploits exist. Several sources flag potential broader impact, including unauthorized access and, per PT-2024-9923, possible...

CVE-2024-12966 code-projects Job Recruitment _all_edits.php cn_update sql injection

A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as critical. This issue affects the function cnupdate of the file /parse/alledits.php. The manipulation of the argument cname/url leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-12963 code-projects Job Recruitment _all_edits.php add_xp sql injection

A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this issue is the function addxp of the file /parse/alledits.php. The manipulation of the argument jobcompany leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2024-12963 code-projects Job Recruitment _all_edits.php add_xp sql injection

A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this issue is the function addxp of the file /parse/alledits.php. The manipulation of the argument jobcompany leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2024-12962

Code-projects Job Recruitment 1.0 is affected by an SQL injection in /_parse/_all_edits.php via the skillset parameter, exploitable remotely and publicly disclosed. Multiple sources corroborate a critical issue; remediation guidance is limited to workarounds such as disabling the all_edits.php sc...

CVE-2024-12962 code-projects Job Recruitment _all_edits.php sql injection

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /parse/alledits.php. The manipulation of the argument skillset leads to sql injection. The attack can be launched remotely. The...

CVE-2024-12949

CVE-2024-12949 affects the code-projects Travel Management System 1.0. The vulnerability is an SQL injection in the unknown code of /package.php caused by improper handling of the subcatid parameter. It is exploitable remotely and the exploit has been disclosed publicly. Impact is described with ...

CVE-2024-12937

A vulnerability, which was classified as critical, was found in code-projects Simple Admin Panel 1.0. Affected is an unknown function of the file addVariationController.php. The manipulation of the argument qty leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2024-12938

CVE-2024-12938 affects code-projects Simple Admin Panel 1.0, with a vulnerability in the updateOrderStatus.php file. The issue arises from unsafely handling the record argument, leading to SQL injection. Exploitation is described as remote, and public disclosure of the exploit is noted in multipl...

CVE-2024-12938 code-projects Simple Admin Panel updateOrderStatus.php sql injection

A vulnerability has been found in code-projects Simple Admin Panel 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file updateOrderStatus.php. The manipulation of the argument record leads to sql injection. The attack can be launched remotely. The...

CVE-2024-12936 code-projects Simple Admin Panel catDeleteController.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Simple Admin Panel 1.0. This issue affects some unknown processing of the file catDeleteController.php. The manipulation of the argument record leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-12936

code-projects Simple Admin Panel 1.0 is affected by a SQL injection in the catDeleteController.php file. The vulnerability arises from improper handling of the record parameter, allowing an attacker to manipulate this input remotely over the network. Exploitation has been disclosed publicly, indi...

CVE-2024-12935 code-projects Simple Admin Panel editItemForm.php sql injection

A vulnerability classified as critical was found in code-projects Simple Admin Panel 1.0. This vulnerability affects unknown code of the file editItemForm.php. The manipulation of the argument record leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...

CVE-2024-12935

The CVE-2024-12935 entry concerns code-projects Simple Admin Panel 1.0. The vulnerability is a SQL injection in the editItemForm.php file, affecting the argument record and allowing remote exploitation. Multiple sources (NVD, CVE records, and vendor feeds) confirm the flaw and its critical classi...

CVE-2024-12933

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file updateItemController.php. The manipulation of the argument pname/pdesc leads to cross site scripting. The attack may be launched...

CVE-2024-12934 code-projects Simple Admin Panel updateItemController.php sql injection

A vulnerability classified as critical has been found in code-projects Simple Admin Panel 1.0. This affects an unknown part of the file updateItemController.php. The manipulation of the argument pdesk leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-12932

The CVE-2024-12932 affects Code-Projects Simple Admin Panel 1.0, specifically the addSizeController.php file. The vulnerability arises from manipulating the size parameter, which leads to cross-site scripting (XSS). The issue can be exploited remotely. Available connected documents confirm the co...

CVE-2024-12932 code-projects Simple Admin Panel addSizeController.php cross site scripting

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file addSizeController.php. The manipulation of the argument size leads to cross site scripting. The attack can be launched...

CVE-2024-12931 code-projects Simple Admin Panel addCatController.php sql injection

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been classified as critical. Affected is an unknown function of the file /addCatController.php. The manipulation of the argument size leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...