74 matches found
CVE-2025-10447
A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...
CVE-2025-10447
A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...
CVE-2025-10447 Campcodes Online Job Finder System applicationform.php unrestricted upload
A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...
PT-2025-37486
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A vulnerability exists in Campcodes Online Job Finder System 1.0. The issue is related to unrestricted file upload, stemming from the manipulation of the picture argument within an...
CVE-2025-22721
Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-online allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline: from n/a through = 2.6.7.1...
CVE-2020-36085
The CVE-2020-36085 entry concerns Egavilan Media’s Resumes Management and Job Application Website (Version 1.0). It describes a Stored Cross Site Scripting (XSS) vulnerability in the Apply For This Job Form, where an attacker can inject arbitrary code via the First Name and Last Name fields. The ...
PT-2025-5879 · Unknown · Egavilan Media Resumes Management/Job Application Website
Name of the Vulnerable Software and Affected Versions: Egavilan Media Resumes Management and Job Application Website version 1.0 Description: The issue allows remote attackers to inject arbitrary code via the First and Last Name fields in the Apply For This Job Form. This is a Stored Cross Site...
CVE-2025-22721
Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-online allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline: from n/a through = 2.6.7.1...
WordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ApplyOnline versions = 2.6.7.1...
CVE-2023-46080
Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline – Application Form Builder and Manager: from n/a through 2.5.3...
PT-2025-1501 · Unknown · Applyonline
Name of the Vulnerable Software and Affected Versions: ApplyOnline – Application Form Builder and Manager versions 2.5.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can...
CVE-2024-3232
A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232...
CVE-2024-3232
The CVE-2024-3232 issue affects Tenable Identity Exposure. The vulnerability is a formula injection where an authenticated, admin-level attacker can manipulate application form fields to induce another administrator to execute CSV payloads. Concrete details in connected sources indicate Tenable I...
CVE-2024-31263
Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...
CVE-2024-31263 WordPress Loan Repayment Calculator and Application Form plugin <= 2.9.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...
CVE-2024-31263 WordPress Loan Repayment Calculator and Application Form plugin <= 2.9.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...
CVE-2024-31263
CVE-2024-31263 is a CSRF vulnerability in the WordPress plugin Loan Repayment Calculator and Application Form (aka quick-interest-slider), affecting versions up to 2.9.4. The connected documents provide the vulnerability and affected version but do not specify exploit details, affected environmen...
WordPress Plugin Loan Repayment Calculator and Application Form 跨站请求伪造漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists ...
PT-2024-23907 · Unknown · Aerin Loan Repayment Calculator/Application Form
Name of the Vulnerable Software and Affected Versions: aerin Loan Repayment Calculator and Application Form versions 2.9.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintende...
WordPress Loan Repayment Calculator and Application Form Plugin <= 2.9.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Loan Repayment Calculator and Application Form Type Plugin Vulnerable versions = 2.9.4 Fixed in 2.9.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31263 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID...