15 matches found
BlackSanta Malware Targets HR Staff with Fake CV Downloads
Aryaka researchers have identified a new threat from a Russian-speaking group using 'BlackSanta' malware. By disguising attacks as job applications, hackers are bypassing security to target recruitment workflows...
CVE-2019-25499
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...
EUVD-2019-19725
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...
CVE-2019-25499
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...
CVE-2019-25499
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...
CVE-2019-25499
CVE-2019-25499 describes an SQL injection in Simple Job Script via the job_id parameter passed to get_job_applications_ajax.php. Unauthenticated attackers can manipulate queries, potentially bypass authentication and extract or modify data. Red Hat and other sources corroborate the issue, with ex...
CVE-2019-25499
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...
CVE-2019-25499 Simple Job Script SQL Injection via get_job_applications_ajax.php
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...
EUVD-2020-29493
Malware in sbrugna...
EUVD-2024-48289
Malicious code in bioql PyPI...
CVE-2020-8645
An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is jobid. The function is getJobApplicationsByJobId. The file is lib/class.JobApplication.php...
CVE-2020-8645
An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is jobid. The function is getJobApplicationsByJobId. The file is lib/class.JobApplication.php...
Sql injection
An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is jobid. The function is getJobApplicationsByJobId. The file is lib/class.JobApplication.php...
CVE-2020-8645
An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is jobid. The function is getJobApplicationsByJobId. The file is lib/class.JobApplication.php...
Hackers Steal $ 150,000 Malware Job Search !
Small businesses are worried about a new scam: criminals in search of work who want to break into online bank accounts. The U.S. Federal Bureau of Investigation issued a warning Wednesday on a new version of a fraud technique called long-term computer automated information exchange fraud. With AC...