Lucene search
+L

829 matches found

nuclei
nuclei
added 13 hours ago56 views

WordPress Job Portal < 2.0.6 - SQL Injection

The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape the city parameter before using it in a SQL statement,leading to a SQL injection vulnerability that is exploitable by unauthenticated users. This vulnerability can be used to extractsensitive data from the database or...

9.8CVSS7AI score0.03096EPSS
Exploits2References2
cvelist
cvelist
added 17 hours ago13 views

CVE-2026-12395 WP Job Portal < 2.5.5 - Subscriber+ SQL Injection via Applied Resumes 'ta' Parameter

The WP Job Portal WordPress plugin before 2.5.5 does not properly sanitize and escape a parameter before using it in a SQL query, allowing authenticated users with a subscriber-level self-registerable account to perform SQL injection attacks...

Exploits0References1
cve
cve
added 17 hours ago6 views

CVE-2026-12395

CVE-2026-12395 : The WP Job Portal WordPress plugin before 2.5.5 is vulnerable to a SQL injection in the applied resumes by the ta parameter due to improper sanitization/escaping before SQL usage. Exploitation requires an authenticated subscriber-level user. Impact per sources is potential SQL in...

6.5CVSS6.1AI score
Exploits0References1
euvd
euvd
added 17 hours ago5 views

EUVD-2026-44872

The WP Job Portal WordPress plugin before 2.5.5 does not properly sanitize and escape a parameter before using it in a SQL query, allowing authenticated users with a subscriber-level self-registerable account to perform SQL injection attacks...

6.5CVSS6.1AI score
Exploits0References1
nvd
nvd
added 2 days ago7 views

CVE-2026-15678

A security vulnerability has been detected in code-projects Online Job Portal 1.0. This impacts an unknown function of the file /Admin/DetailJob.php. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may ...

5.1CVSS0.00199EPSS
Exploits0References6
euvd
euvd
added 2 days ago5 views

EUVD-2026-43631

A security vulnerability has been detected in code-projects Online Job Portal 1.0. This impacts an unknown function of the file /Admin/DetailJob.php. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may ...

5.1CVSS4.6AI score0.00199EPSS
Exploits0References6
cvelist
cvelist
added 2 days ago30 views

CVE-2026-15678 code-projects Online Job Portal DetailJob.php cross site scripting

A security vulnerability has been detected in code-projects Online Job Portal 1.0. This impacts an unknown function of the file /Admin/DetailJob.php. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may ...

5.1CVSS0.00199EPSS
Exploits0References6
nvd
nvd
added 2 days ago6 views

CVE-2026-15676

A security flaw has been discovered in code-projects Online Job Portal up to 1.0. The impacted element is an unknown function of the file /Admin/DeleteUser.php. Performing a manipulation results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the...

7.5CVSS0.00263EPSS
Exploits0References6
nvd
nvd
added 2 days ago6 views

CVE-2026-15675

A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file /Admin/EditUser.php. Such manipulation of the argument UserId leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be...

7.5CVSS0.00263EPSS
Exploits0References6
cve
cve
added 2 days ago10 views

CVE-2026-15677

The CVE-2026-15677 entry concerns code-projects Online Job Portal 1.0. Affected component: /JobSeekerInsert.php. Issue: manipulating the argument txtFile allows unrestricted upload, with the attack executable remotely and the exploit publicly available. Impact is described as unrestricted file up...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
cvelist
cvelist
added 2 days ago26 views

CVE-2026-15677 code-projects Online Job Portal JobSeekerInsert.php unrestricted upload

A weakness has been identified in code-projects Online Job Portal 1.0. This affects an unknown function of the file /JobSeekerInsert.php. Executing a manipulation of the argument txtFile can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to t...

7.5CVSS0.00288EPSS
Exploits0References6
euvd
euvd
added 2 days ago5 views

EUVD-2026-43630

A weakness has been identified in code-projects Online Job Portal 1.0. This affects an unknown function of the file /JobSeekerInsert.php. Executing a manipulation of the argument txtFile can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to t...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
euvd
euvd
added 2 days ago5 views

EUVD-2026-43629

A security flaw has been discovered in code-projects Online Job Portal up to 1.0. The impacted element is an unknown function of the file /Admin/DeleteUser.php. Performing a manipulation results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the...

7.5CVSS6.7AI score0.00263EPSS
Exploits0References6
attackerkb
attackerkb
added 2 days ago3 views

CVE-2026-15676

A security flaw has been discovered in code-projects Online Job Portal up to 1.0. The impacted element is an unknown function of the file /Admin/DeleteUser.php. Performing a manipulation results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the...

7.5CVSS6.7AI score0.00263EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2 days ago28 views

CVE-2026-15676 code-projects Online Job Portal DeleteUser.php sql injection

A security flaw has been discovered in code-projects Online Job Portal up to 1.0. The impacted element is an unknown function of the file /Admin/DeleteUser.php. Performing a manipulation results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the...

7.5CVSS0.00263EPSS
Exploits0References6
cve
cve
added 2 days ago14 views

CVE-2026-15676

CVE-2026-15676 affects code-projects Online Job Portal (

7.5CVSS6.7AI score0.00263EPSS
Exploits0References6
cve
cve
added 2 days ago11 views

CVE-2026-15675

The vulnerability CVE-2026-15675 affects code-projects Online Job Portal 1.0. An unknown function in /Admin/EditUser.php processes the UserId argument, and manipulating it leads to SQL injection. It can be triggered remotely, and a published exploit exists. Impact targets confidentiality, integri...

7.5CVSS6.8AI score0.00263EPSS
Exploits0References6
euvd
euvd
added 2 days ago4 views

EUVD-2026-43623

A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file /Admin/EditUser.php. Such manipulation of the argument UserId leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be...

7.5CVSS6.8AI score0.00263EPSS
Exploits0References6
cvelist
cvelist
added 2 days ago29 views

CVE-2026-15675 code-projects Online Job Portal EditUser.php sql injection

A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file /Admin/EditUser.php. Such manipulation of the argument UserId leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be...

7.5CVSS0.00263EPSS
Exploits0References6
euvd
euvd
added 3 days ago5 views

EUVD-2026-43292

The WP Job Portal WordPress plugin before 2.5.5 does not verify ownership when returning an employer's contact email for a given job, allowing authenticated users with a subscriber-level self-registerable account to read other employers' private account email addresses by enumerating job...

4.3CVSS6.1AI score0.00162EPSS
Exploits0References2
Rows per page
Query Builder