3 matches found
CVE-2010-1605
CVE-2010-1605 affects isearch.php in the NCT Jobs Portal Script, where SQL injection is possible through the anyword and cityname parameters. The underlying issue is likely improper input handling allowing malicious SQL to be executed by remote attackers, with the NVD entry citing a base score of...
CVE-2010-1604
CVE-2010-1604 involves multiple SQL injection vulnerabilities in admin_login.php of the NCT Jobs Portal Script, allowing remote attackers to inject SQL via the login (user) and password (passwd) fields. The issue stems from unsafely constructed SQL queries in the login handling code, enabling arb...
CVE-2010-1606
CVE-2010-1606 describes multiple cross-site scripting (XSS) vulnerabilities in the NCT Jobs Portal Script. The flaws allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) Keywords, (3) Tags, or (4) Desired City fields. Exploitation details (e.g., exploit strings, p...