Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/10/11 11:20 a.m.6 views

CVE-2025-7781

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘csjobtitle’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.3AI score0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/10 12:30 p.m.7 views

EUVD-2025-33710

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘csjobtitle’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS4.9AI score0.00176EPSS
Exploits0References3
NVD
NVD
added 2025/10/10 12:15 p.m.8 views

CVE-2025-7781

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross-Site Scripting via the ‘csjobtitle’ parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS0.00176EPSS
Exploits0References2
CVE
CVE
added 2025/10/10 11:17 a.m.18 views

CVE-2025-7781

CVE-2025-7781 affects WP JobHunt (WordPress plugin) up to version 7.6, with a Stored Cross-Site Scripting via the cs_job_title parameter due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Candidate level or higher, and the vulnerability can c...

6.4CVSS5AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.8 views

PT-2025-41558

Name of the Vulnerable Software and Affected Versions WP JobHunt plugin for WordPress versions prior to 7.7 Description The WP JobHunt plugin for WordPress, used by the JobCareer theme, has a flaw that allows malicious code to be stored and executed when a user views an affected page. This is due...

6.4CVSS6.6AI score0.00176EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24622

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00409EPSS
Exploits1References5
CNVD
CNVD
added 2025/08/20 12:0 a.m.5 views

Job Diary user-apply.php file SQL Injection Vulnerability

Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter jobtitle in the file /user-apply.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...

9.8CVSS8.3AI score0.00409EPSS
Exploits1References1
NVD
NVD
added 2025/08/13 6:15 p.m.8 views

CVE-2025-8921

A vulnerability has been found in code-projects Job Diary 1.0. Affected by this issue is some unknown functionality of the file /user-apply.php. The manipulation of the argument jobtitle leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and...

9.8CVSS0.00409EPSS
Exploits1References5
CVE
CVE
added 2025/08/13 6:2 p.m.21 views

CVE-2025-8921

Code-Projects Job Diary 1.0 is affected by a SQL injection in /user-apply.php via the job_title parameter. Several connected documents confirm remote exploitation and public disclosure of the exploit. The exact vulnerable functionality is unknown beyond that the issue arises in /user-apply.php. R...

9.8CVSS7.6AI score0.00409EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/08/13 12:0 a.m.3 views

Code-Projects Job Diary 注入漏洞

Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter jobtitle in the file /user-apply.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...

9.8CVSS8.2AI score0.00409EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

Online Job Portal 跨站脚本漏洞

Online Job Portal is an online job search portal. A cross-site scripting vulnerability exists in Online Job Portal version 1.0, which stems from the parameter Job Title in the file /Employer/ManageWalkin.php that causes cross-site scripting. No details of the vulnerability are available at this...

5.4CVSS6AI score0.00546EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.6 views

PT-2024-18421 · Unknown · Sourcecodester Online Job Portal

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Job Portal version 1.0 Description: A problematic vulnerability was found in the Manage Walkin Page component, specifically in the file /Employer/ManageWalkin.php. The issue arises from the manipulation of the Job Title...

5.4CVSS4.2AI score0.00546EPSS
Exploits1References6
Rows per page
Query Builder