EUVD-2020-29493

Malware in sbrugna...

CVE-2020-7229

An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landinglocation. The function is countSearchedJobs. The file is lib/class.Job.php...

Sql injection

An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is jobid. The function is getJobApplicationsByJobId. The file is lib/class.JobApplication.php...

CVE-2020-8645

CVE-2020-8645 affects Simplejobscript.com SJS (up to v1.66). The issue is an unauthenticated SQL injection in the job applications search function, exploitable via the vulnerable parameter job_id in the function getJobApplicationsByJobId() within the file _lib/class.JobApplication.php . The CVSS ...

CVE-2020-8440

controllers/pageapply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume...

Remote code execution

controllers/pageapply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume...

CVE-2020-8440

CVE-2020-8440 affects Simplejobscript.com SJS, specifically the controllers/page_apply.php component, up through version 1.66. The issue is an unauthenticated Remote Code Execution vulnerability triggered by uploading a PHP script as a resume, allowing attackers to execute arbitrary code on the s...

CVE-2020-7229

An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landinglocation. The function is countSearchedJobs. The file is lib/class.Job.php...

CVE-2020-7229

Simplejobscript.com SJS