2 matches found
CVE-2022-32012
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/employee/index.php?view=edit&id=...
CVE-2022-32012
CVE-2022-32012 affects Complete Online Job Search System v1.0 and is a SQL Injection vulnerability exploitable via /eris/admin/employee/index.php?view=edit&id=. The root cause is lack of validation of externally entered SQL statements in that endpoint, enabling an attacker to execute arbitrary SQ...