CVE-2024-11076 – code-projects Job Recruitment activation.php sql injection

https://notcve.org/view.php?id=CVE-2024-11076

A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /activation.php. The manipulation of the argument e_hash leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/UnrealdDei/cve/blob/main/sql2-rce.md https://vuldb.com/?ctiid.283871 https://vuldb.com/?id.283871 https://vuldb.com/?submit.441182 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •