32 matches found
CVE-2019-20447
Jobberbase 2.0 has SQL injection via the PATHINFO to the jobs-in endpoint...
CVE-2019-16125
In Jobberbase 2.0, the parameter category is not sanitized in public/pagesubscribe.php, leading to /subscribe SQL injection...
EUVD-2019-6964
Malware in sbrugna...
EUVD-2019-10993
Malware in sbrugna...
Jobberbase SQL Injection Vulnerability (CNVD-2020-04571)
Jobberbase is an open source platform for building job search websites. A SQL injection vulnerability exists in Jobberbase. The vulnerability stems from a lack of validation of externally entered SQL statements in the database-based application. An attacker can exploit this vulnerability to execu...
CVE-2019-20447
Jobberbase 2.0 has SQL injection via the PATHINFO to the jobs-in endpoint...
CVE-2019-20447
Jobberbase 2.0 has SQL injection via the PATHINFO to the jobs-in endpoint...
Sql injection
Jobberbase 2.0 has SQL injection via the PATHINFO to the jobs-in endpoint...
CVE-2019-20447
Jobberbase 2.0 is affected by SQL injection via PATH_INFO on the jobs-in endpoint. The root cause is lack of validation of externally supplied SQL statements in the database-based application, enabling an attacker to manipulate queries. CVSS metrics indicate high to critical impact (C/H I/H A/H) ...
CVE-2019-20447
Jobberbase 2.0 has SQL injection via the PATHINFO to the jobs-in endpoint...
SQL injection vulnerability in Jobberbase ap***.php file
Jobberbase is an open source platform for building job search websites. A SQL injection vulnerability exists in the Jobberbase ap.php file, which can be exploited by attackers to obtain sensitive information...
File upload vulnerability in Jobberbase pa***_ap***.php file
Jobberbase is an open source platform for building job search websites. A file upload vulnerability exists in the Jobberbase paap.php file, which can be exploited by an attacker to gain control of the web server...
CVE-2019-16125
In Jobberbase 2.0, the parameter category is not sanitized in public/pagesubscribe.php, leading to /subscribe SQL injection...
CVE-2019-16125
In Jobberbase 2.0, the parameter category is not sanitized in public/pagesubscribe.php, leading to /subscribe SQL injection...
Sql injection
In Jobberbase 2.0, the parameter category is not sanitized in public/pagesubscribe.php, leading to /subscribe SQL injection...
CVE-2019-16125
In Jobberbase 2.0, the parameter category is not sanitized in public/pagesubscribe.php, leading to /subscribe SQL injection...
CVE-2019-16125
Summary: CVE-2019-16125 affects Jobberbase 2.0 and arises from unsanitized input in the public/page_subscribe.php category parameter, enabling a /subscribe SQL injection. Impact (as documented): High/critical severity per NVD metrics (CVSS v2 base 7.5; CVSS v3.1 base 9.8). Exploitation context: n...
Jobberbase SQL Injection Vulnerability
Jobberbase is an open source platform for building job search websites. A SQL injection vulnerability exists in Jobberbase version 2.0, which can be exploited by attackers to execute illegal SQL commands...
PT-2019-14527 · Jobberbase · Jobberbase
Name of the Vulnerable Software and Affected Versions: Jobberbase version 2.0 Description: The issue arises from the lack of sanitization of the category parameter in the public/page subscribe.php file, leading to a SQL injection vulnerability in the /subscribe endpoint. Recommendations: For...
Jobberbase 2.0 subscribe SQL Injection
!/bin/bash Exploit Title: Jobberbase 2.0 - 'subscribe' SQL injection Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: http://www.jobberbase.com/ Version: 2.0 Tested on: Ubuntu 18.04.1 : ' The page "/subscribe/" is vulnerable for SQL injection. Simply mak...