CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

RedhatCVE•added 2026/03/05 7:30 p.m.•2 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

9.8CVSS6.1AI score0.00453EPSS

Exploits1References1

RedhatCVE•added 2026/03/05 7:30 p.m.•3 views

CVE-2019-25501

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the appid parameter. Attackers can send POST requests to deleteapplicationajax.php with crafted payloads to extract sensitive data, bypass...

8.8CVSS6.1AI score0.00342EPSS

Exploits1References1

RedhatCVE•added 2026/03/05 7:30 p.m.•4 views

CVE-2019-25498

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landinglocation parameter. Attackers can send POST requests to the searched endpoint with malicious SQL payloads to bypass authenticatio...

8.8CVSS6.1AI score0.00367EPSS

Exploits1References1

RedhatCVE•added 2026/03/05 7:30 p.m.•3 views

CVE-2019-25500

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the employerid parameter. Attackers can send POST requests to the register-recruiters endpoint with time-based SQL injection payloads to...

8.8CVSS6.1AI score0.00294EPSS

Exploits1References1

EUVD•added 2026/03/04 6:31 p.m.•5 views

EUVD-2019-19724

8.8CVSS6.1AI score0.00367EPSS

Exploits1References3

EUVD•added 2026/03/04 6:31 p.m.•6 views

EUVD-2019-19728

Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the jobtypevalue parameter in the jobs endpoint. Attackers can craft requests with SVG payload injection to execute arbitrary JavaScript in victim...

6.1CVSS6AI score0.00251EPSS

Exploits1References3

NVD•added 2026/03/04 6:16 p.m.•4 views

CVE-2019-25501

8.8CVSS0.00342EPSS

Exploits1References2

NVD•added 2026/03/04 6:16 p.m.•4 views

CVE-2019-25498

8.8CVSS0.00367EPSS

Exploits1References2

NVD•added 2026/03/04 6:16 p.m.•6 views

CVE-2019-25502

6.1CVSS0.00251EPSS

Exploits1References2

NVD•added 2026/03/04 6:16 p.m.•5 views

CVE-2019-25499

9.8CVSS0.00453EPSS

Exploits1References2

OSV•added 2026/03/04 6:16 p.m.•3 views

CVE-2019-25501

8.2CVSS5.9AI score0.00342EPSS

Exploits1References2

OSV•added 2026/03/04 6:16 p.m.•1 views

CVE-2019-25502

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2026/03/04 6:16 p.m.•3 views

CVE-2019-25498

8.2CVSS5.9AI score0.00367EPSS

Exploits1References2

Cvelist•added 2026/03/04 5:15 p.m.•27 views

CVE-2019-25502 Simple Job Script Cross-Site Scripting via job_type_value Parameter

6.1CVSS0.00251EPSS

Exploits1References2

Cvelist•added 2026/03/04 5:15 p.m.•25 views

CVE-2019-25501 Simple Job Script SQL Injection via delete_application_ajax.php

8.8CVSS0.00342EPSS

Exploits1References2

Vulnrichment•added 2026/03/04 5:15 p.m.•2 views

CVE-2019-25501 Simple Job Script SQL Injection via delete_application_ajax.php

8.8CVSS6.1AI score0.00342EPSS

Exploits1References2

CVE•added 2026/03/04 5:15 p.m.•6 views

CVE-2019-25501

Summary: CVE-2019-25501 affects the Simple Job Script web application. The vulnerability resides in the server-side code handling the app_id parameter in the delete_application_ajax.php endpoint, enabling SQL injection to manipulate database queries. Public references indicate attackers can craft...

8.8CVSS6.1AI score0.00342EPSS

Exploits1References2Affected Software1