35 matches found
CVE-2025-7781
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘cs_job_title’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
EUVD-2025-33710
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘cs_job_title’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2025-7781 WP JobHunt <= 7.6 - Authenticated (Candidate+) Stored Cross-Site Scripting via ‘cs_job_title’
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘cs_job_title’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2025-7781
CVE-2025-7781 affects WP JobHunt (WordPress plugin) up to version 7.6, with a Stored Cross-Site Scripting via the cs_job_title parameter due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Candidate level or higher, and the vulnerability can c...
PT-2025-41558
Name of the Vulnerable Software and Affected Versions: WP JobHunt plugin for WordPress versions prior to 7.7 Description: The WP JobHunt plugin for WordPress, used by the JobCareer theme, has a flaw that allows malicious code to be stored and executed when a user views an affected page. This is due...
EUVD-2021-16137
Malware in sbrugna...
EUVD-2025-24622
Malicious code in bioql PyPI...
Job Diary user-apply.php file SQL Injection Vulnerability
Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter job_title in the file /user-apply.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...
CVE-2025-8921
A vulnerability has been found in code-projects Job Diary 1.0. Affected by this issue is some unknown functionality of the file /user-apply.php. The manipulation of the argument job_title leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2025-8921
Code-Projects Job Diary 1.0 is affected by a SQL injection in /user-apply.php via the job_title parameter. Several connected documents confirm remote exploitation and public disclosure of the exploit. The exact vulnerable functionality is unknown beyond that the issue arises in /user-apply.php. R...
Code-Projects Job Diary Injection Vulnerability
Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter job_title in the file /user-apply.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...
CVE-2024-1919
A vulnerability classified as problematic was found in SourceCodester Online Job Portal 1.0. This vulnerability affects unknown code of the file /Employer/ManageWalkin.php of the component Manage Walkin Page. The manipulation of the argument Job Title leads to cross site scripting. The attack can...
CVE-2021-29663
CourseMS (aka Course Registration Management System) 2.1 is affected by cross-site scripting (XSS). When an attacker with access to an Admin account creates a Job Title in the Site area (aka the admin/addjobs.php name parameter), they can insert an XSS payload. This payload will execute whenever anyone...
PT-2024-39846 · Unknown · Sourcecodester Profile Registration Without Reload Refresh
Name of the Vulnerable Software and Affected Versions: SourceCodester Profile Registration without Reload Refresh version 1.0 Description: A vulnerability has been found in the system, marked as problematic. The issue affects an unknown functionality of the file add.php. The manipulation of the...
Online Job Portal Cross-Site Scripting Vulnerability
Online Job Portal is an online job search portal. A cross-site scripting vulnerability exists in Online Job Portal version 1.0, which stems from the parameter Job Title in the file /Employer/ManageWalkin.php that causes cross-site scripting. No details of the vulnerability are available at this...
PT-2024-18421 · Unknown · Sourcecodester Online Job Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Job Portal version 1.0 Description: A problematic vulnerability was found in the Manage Walkin Page component, specifically in the file /Employer/ManageWalkin.php. The issue arises from the manipulation of the Job Title...
BIT-LIFERAY-2023-33943
Cross-site scripting (XSS) vulnerability in the Account module in Liferay Portal 7.4.3.21 through 7.4.3.62, and Liferay DXP 7.4 update 21 through 62 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a user's (1) First Name, (2) Middle Name, (3) Last Name, ...
CVE-2023-33943
Cross-site scripting (XSS) vulnerability in the Account module in Liferay Portal 7.4.3.21 through 7.4.3.62, and Liferay DXP 7.4 update 21 through 62 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a user's (1) First Name, (2) Middle Name, (3) Last Name, ...