Lucene search
K
Complete Online Job Search System ProjectComplete Online Job Search System

14 matches found

CVE
CVE
added 2022/06/02 3:22 p.m.98 views

CVE-2022-32018

CVE-2022-32018 affects the software Complete Online Job Search System v1.0 . The vulnerability is a SQL Injection via the URL path /eris/index.php?q=hiring&search= (input passed to a query is not properly validated). Per connected documents, an attacker could potentially exhaustively extract data...

7.2CVSS7.3AI score0.04522EPSS
Web
CVE
CVE
added 2022/06/02 3:36 p.m.89 views

CVE-2022-32007

Complete Online Job Search System v1.0 is affected by an SQL Injection in the admin path /eris/admin/company/index.php?view=edit&id=. The root cause is improper input handling leading to SQL query manipulation. Impact described across sources includes potential data disclosure, data modification,...

7.2CVSS7.3AI score0.04522EPSS
Web
CVE
CVE
added 2022/06/02 3:26 p.m.85 views

CVE-2022-32015

Complete Online Job Search System 1.0 is vulnerable to SQL injection via /eris/index.php?q=category&search=. The issue, repeatedly reported across CVE-2022-32015 records (NVD, NUCLEI template, CNVD, RH and others), indicates that unsanitized input to the category search parameter allows an attack...

7.2CVSS7.3AI score0.04522EPSS
Web
CVE
CVE
added 2022/06/02 3:32 p.m.80 views

CVE-2022-32010

CVE-2022-32010 affects Complete Online Job Search System v1.0. The vulnerability is a SQL injection through /eris/admin/user/index.php?view=edit&id=, resulting from insufficient input validation. Documented impacts include potential unauthorized data exposure, tampering, and disruption (CVSS v3.1...

7.2CVSS7.4AI score0.00946EPSS
Web
CVE
CVE
added 2022/05/11 12:58 p.m.79 views

CVE-2022-29316

Vulnerability: CVE-2022-29316 in Complete Online Job Search System v1.0 exhibits a SQL injection flaw in the parameter q (result&searchfor) to /eris/index.php, arising from unsanitized user input. This can enable attackers to manipulate SQL queries and potentially access or modify database data. ...

9.8CVSS9.7AI score0.03073EPSS
Web
CVE
CVE
added 2022/06/02 3:31 p.m.79 views

CVE-2022-32011

CVE-2022-32011 affects Complete Online Job Search System v1.0. The vulnerability is SQL Injection via /eris/admin/applicants/index.php?view=view&id=, caused by lack of input validation for external input in SQL statements. Related connected sources (CNVD/Red Hat/NVD/CVE listings) corroborate the ...

7.2CVSS7.4AI score0.00946EPSS
Web
CVE
CVE
added 2022/06/02 3:30 p.m.77 views

CVE-2022-32012

CVE-2022-32012 affects Complete Online Job Search System v1.0 and is a SQL Injection vulnerability exploitable via /eris/admin/employee/index.php?view=edit&id=. The root cause is lack of validation of externally entered SQL statements in that endpoint, enabling an attacker to execute arbitrary SQ...

7.2CVSS7.4AI score0.00946EPSS
Web
CVE
CVE
added 2022/06/02 3:35 p.m.73 views

CVE-2022-32008

CVE-2022-32008 affects Complete Online Job Search System v1.0. The vulnerability is an SQL injection in eris/admin/vacancy/index.php?view=edit&id= (missing input validation). Documented across multiple sources (CNVD/CNNVD/NVD/Red Hat), indicating the input parameter can be exploited to execute ar...

7.2CVSS7.4AI score0.00946EPSS
Web
CVE
CVE
added 2022/06/02 3:23 p.m.71 views

CVE-2022-32017

CVE-2022-32017 affects Complete Online Job Search System v1.0. Multiple connected sources confirm a SQL Injection vulnerability in /eris/index.php?q=result&searchfor=bytitle, arising from missing validation of external input. CNVD and RH/Red Hat entries describe the same flaw as a SQL injection t...

7.2CVSS7.4AI score0.00946EPSS
Web
CVE
CVE
added 2022/06/02 3:27 p.m.70 views

CVE-2022-32014

CVE-2022-32014 affects Complete Online Job Search System v1.0. The vulnerability is a SQL Injection in /eris/index.php?q=result&searchfor=byfunction caused by lack of input validation. Impact described in CNVD/PRION/Red Hat/NVD entries includes potential to execute illegal SQL commands and access...

7.2CVSS7.4AI score0.00946EPSS
Web
CVE
CVE
added 2022/06/02 3:24 p.m.70 views

CVE-2022-32016

CVE-2022-32016 affects Complete Online Job Search System v1.0, with a SQL Injection vulnerability in the web path /eris/index.php?q=result&searchfor=bycompany. The issue stems from unsafely constructed SQL statements in the affected page, enabling an attacker to manipulate queries and potentially...

7.2CVSS7.4AI score0.00946EPSS
Web
CVE
CVE
added 2022/06/02 3:28 p.m.67 views

CVE-2022-32013

CVE-2022-32013 affects the Complete Online Job Search System v1.0. The vulnerability is a SQL Injection in the page eris/admin/category/index.php?view=edit&id=, arising from missing validation of external input for SQL statements. The root cause is inadequate input handling that allows an attacke...

7.2CVSS7.4AI score0.01321EPSS
Web
CVE
CVE
added 2022/08/05 8:13 p.m.66 views

CVE-2022-35163

CVE-2022-35163 affects Complete Online Job Search System v1.0. A cross-site scripting (XSS) vulnerability exists via the U_NAME parameter at /category/controller.php?action=edit. The NVD entry lists CVSS v3.1 metrics: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N with a base score of 4.8 (Medium). Connecte...

4.8CVSS5AI score0.00429EPSS
Web
CVE
CVE
added 2022/08/05 8:13 p.m.58 views

CVE-2022-35162

Complete Online Job Search System v1.0 contains a cross-site scripting (XSS) vulnerability via the CATEGORY parameter at /category/controller.php?action=edit. The issue affects the CATEGORY input handling and could allow script execution in the context of the affected application. Publicly docume...

4.8CVSS5AI score0.00429EPSS
Web