Lucene search
K

9 matches found

EUVD
EUVD
added 2026/03/04 6:31 p.m.6 views

EUVD-2019-19725

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

8.8CVSS6.1AI score0.00453EPSS
Exploits1References3
OSV
OSV
added 2026/03/04 6:16 p.m.3 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

9.8CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2026/03/04 6:16 p.m.8 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

9.8CVSS0.00453EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:15 p.m.4 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

8.8CVSS6.1AI score0.00453EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/04 5:15 p.m.31 views

CVE-2019-25499 Simple Job Script SQL Injection via get_job_applications_ajax.php

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

8.8CVSS0.00453EPSS
Exploits1References2
CVE
CVE
added 2026/03/04 5:15 p.m.14 views

CVE-2019-25499

CVE-2019-25499 describes an SQL injection in Simple Job Script via the job_id parameter passed to get_job_applications_ajax.php. Unauthenticated attackers can manipulate queries, potentially bypass authentication and extract or modify data. Red Hat and other sources corroborate the issue, with ex...

9.8CVSS6.1AI score0.00453EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2025/07/29 8:43 p.m.2 views

SQL Injection

Overview bacula-web/bacula-web is a The open source web based reporting and monitoring tool for Bacula. Affected versions of this package are vulnerable to SQL Injection via the getJobFiles function in the application/Table/JobFileTable.php . An attacker can execute arbitrary code on the server b...

8.3CVSS8.6AI score0.00706EPSS
Exploits1References2
NVD
NVD
added 2015/11/25 8:59 p.m.18 views

CVE-2015-5319

XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...

5CVSS6.4AI score0.02291EPSS
Exploits0References3
Prion
Prion
added 2015/11/25 8:59 p.m.27 views

Xxe

XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...

5CVSS7AI score0.02291EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder