11 matches found

NVD
added 2026/03/04 6:16 p.m. · 5 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

9.8 CVSS · 0.00342 EPSS
Exploits: 1 · References: 2

ATTACKERKB
added 2026/03/04 5:15 p.m. · 2 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

8.8 CVSS · 6.1 AI score · 0.00342 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

CVE
added 2026/03/04 5:15 p.m. · 4 views

CVE-2019-25499

CVE-2019-25499 affects the Simple Job Script and allows unauthenticated SQL injection via the job_id parameter in get_job_applications_ajax.php. The vulnerability enables manipulation of database queries, potentially bypassing authentication and exposing or altering data. CVSS metrics indicate hi...

9.8 CVSS · 6.1 AI score · 0.00342 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

CNNVD
added 2026/03/04 12:0 a.m. · 1 views

Simplejobscript SQL Injection Vulnerability

Simplejobscript is a free worksheet software developed by Niteosoft. Simplejobscript has a SQL injection vulnerability. This vulnerability stems from the SQL injection in the jobid parameter, which could allow unverified attackers to manipulate database queries, extract sensitive data, or modify...

9.8 CVSS · 5.8 AI score · 0.00342 EPSS
Exploits: 1 · References: 3

OSV
added 2025/10/27 6:15 p.m. · 1 views

CVE-2025-54965

An XSS issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not properly sanitize the job ID parameter before using it in the job status page. An attacker who is able to social engineer a user into clicking a malicious link may be able to execute arbitrary...

6.1 CVSS · 6 AI score · 0.00025 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2025/10/27 12:0 a.m. · 3 views

PT-2025-43993

Name of the Vulnerable Software and Affected Versions: BAE SOCET GXP versions prior to 4.6.0.2 Description: An XSS issue exists in the SOCET GXP Job Status Service. The service does not properly sanitize the job ID parameter before using it in the job status page. An attacker may be able to execute...

6.1 CVSS · 6.4 AI score · 0.00025 EPSS
Exploits: 0 · References: 5

CNNVD
added 2025/10/27 12:0 a.m. · 3 views

BAE Systems SOCET GXP Security Vulnerability

BAE Systems SOCET GXP is a high-end geographic information image analysis and mapping software from BAE Systems. A security vulnerability exists in BAE Systems SOCET GXP versions prior to 4.6.0.2, which stems from the Job Status Service not properly clearing the job ID parameter, which could lead...

6.1 CVSS · 5.8 AI score · 0.00025 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2024/03/07 12:0 a.m. · 3 views

PT-2024-12915 · Unknown · Code-Projects.Org Online Job Portal

Name of the Vulnerable Software and Affected Versions: code-projects.org Online Job Portal version 1.0 Description: The issue is related to SQL Injection. It can be exploited via the "/Employer/DeleteJob.php?JobId=1" API endpoint, specifically through the JobId variable. This allows for potential...

5.5 CVSS · 7.1 AI score · 0.00099 EPSS
Exploits: 0 · References: 3

CNNVD
added 2024/03/07 12:0 a.m. · 1 views

Online Job Portal Security Vulnerability

Online Job Portal is an online job portal for janobe individual developers. A security vulnerability exists in Online Job Portal that originates from an SQL injection attack via /Employer/DeleteJob.php?JobId=1...

5.5 CVSS · 7.9 AI score · 0.00099 EPSS
Exploits: 0 · References: 2

WPVulnDB
added 2022/02/03 12:0 a.m. · 16 views

EasyJobs < 1.4.8 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the job-id parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting. PoC: https://example.com/wp-content/plugins/easyjobs/admin/partials/easyjobs-candidates-display.php?job-id=%22%3E%3Cimg/src/onerror=alert/XSS/%3E...

0.2 AI score
Exploits: 0 · References: 1 · Affected Software: 1

OSV
added 2021/04/01 8:15 p.m. · 0 views

CVE-2021-28970

eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...

6.5 CVSS · 6.7 AI score
Exploits: 0 · References: 1