Lucene search
+L

74 matches found

redhatcve
redhatcve
added 2025/09/17 1:52 p.m.6 views

CVE-2025-10447

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

9.8CVSS6.8AI score0.00424EPSS
Exploits1References1
osv
osv
added 2025/09/15 2:15 p.m.5 views

CVE-2025-10447

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

9.8CVSS5.6AI score0.00424EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/09/15 1:32 p.m.5 views

CVE-2025-10447 Campcodes Online Job Finder System applicationform.php unrestricted upload

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

7.5CVSS6.6AI score0.00424EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/09/15 12:0 a.m.8 views

PT-2025-37486

Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A vulnerability exists in Campcodes Online Job Finder System 1.0. The issue is related to unrestricted file upload, stemming from the manipulation of the picture argument within an...

7.5CVSS7.2AI score0.00424EPSS
Exploits1References8
redhatcve
redhatcve
added 2025/05/23 11:59 a.m.8 views

CVE-2025-22721

Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-online allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline: from n/a through = 2.6.7.1...

4.3CVSS7.2AI score0.00243EPSS
Exploits0References1
cve
cve
added 2025/02/06 12:0 a.m.52 views

CVE-2020-36085

The CVE-2020-36085 entry concerns Egavilan Media’s Resumes Management and Job Application Website (Version 1.0). It describes a Stored Cross Site Scripting (XSS) vulnerability in the Apply For This Job Form, where an attacker can inject arbitrary code via the First Name and Last Name fields. The ...

6.3CVSS7.5AI score0.00263EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/02/06 12:0 a.m.5 views

PT-2025-5879 · Unknown · Egavilan Media Resumes Management/Job Application Website

Name of the Vulnerable Software and Affected Versions: Egavilan Media Resumes Management and Job Application Website version 1.0 Description: The issue allows remote attackers to inject arbitrary code via the First and Last Name fields in the Apply For This Job Form. This is a Stored Cross Site...

6.3CVSS7AI score0.00263EPSS
Exploits0References4
nvd
nvd
added 2025/01/21 6:15 p.m.11 views

CVE-2025-22721

Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-online allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline: from n/a through = 2.6.7.1...

4.3CVSS0.00243EPSS
Exploits0References1
patchstack
patchstack
added 2025/01/15 11:2 a.m.9 views

WordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ApplyOnline versions = 2.6.7.1...

4.3CVSS8.2AI score0.00243EPSS
Exploits0Affected Software1
nvd
nvd
added 2025/01/02 12:15 p.m.7 views

CVE-2023-46080

Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline – Application Form Builder and Manager: from n/a through 2.5.3...

4.3CVSS0.00337EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/01/02 12:0 a.m.6 views

PT-2025-1501 · Unknown · Applyonline

Name of the Vulnerable Software and Affected Versions: ApplyOnline – Application Form Builder and Manager versions 2.5.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can...

4.3CVSS9.3AI score0.00337EPSS
Exploits0References4
nvd
nvd
added 2024/07/16 5:15 p.m.25 views

CVE-2024-3232

A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232...

7.6CVSS0.00469EPSS
Exploits0References1
cve
cve
added 2024/07/16 5:2 p.m.57 views

CVE-2024-3232

The CVE-2024-3232 issue affects Tenable Identity Exposure. The vulnerability is a formula injection where an authenticated, admin-level attacker can manipulate application form fields to induce another administrator to execute CSV payloads. Concrete details in connected sources indicate Tenable I...

7.6CVSS7.4AI score0.00469EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2024/04/12 1:15 p.m.14 views

CVE-2024-31263

Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...

5.4CVSS5.5AI score0.00197EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/04/12 12:49 p.m.16 views

CVE-2024-31263 WordPress Loan Repayment Calculator and Application Form plugin <= 2.9.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...

5.4CVSS7AI score0.00197EPSS
Exploits0References1
cvelist
cvelist
added 2024/04/12 12:49 p.m.20 views

CVE-2024-31263 WordPress Loan Repayment Calculator and Application Form plugin <= 2.9.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4...

5.4CVSS5.7AI score0.00197EPSS
Exploits0References1
cve
cve
added 2024/04/12 12:49 p.m.58 views

CVE-2024-31263

CVE-2024-31263 is a CSRF vulnerability in the WordPress plugin Loan Repayment Calculator and Application Form (aka quick-interest-slider), affecting versions up to 2.9.4. The connected documents provide the vulnerability and affected version but do not specify exploit details, affected environmen...

5.4CVSS8.5AI score0.00197EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/04/12 12:0 a.m.3 views

WordPress Plugin Loan Repayment Calculator and Application Form 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists ...

5.4CVSS8.4AI score0.00197EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/04/12 12:0 a.m.6 views

PT-2024-23907 · Unknown · Aerin Loan Repayment Calculator/Application Form

Name of the Vulnerable Software and Affected Versions: aerin Loan Repayment Calculator and Application Form versions 2.9.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintende...

5.4CVSS9.3AI score0.00197EPSS
Exploits0References4
patchstack
patchstack
added 2024/04/05 12:0 a.m.12 views

WordPress Loan Repayment Calculator and Application Form Plugin <= 2.9.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Loan Repayment Calculator and Application Form Type Plugin Vulnerable versions = 2.9.4 Fixed in 2.9.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31263 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID...

5.4CVSS6.6AI score0.00197EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder