Page 2 of 12 results (0.010 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability, by which an attacker could send a specially designed query through search parameter in /jobportal/index.php, and retrieve all the information stored in it. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability, by which an attacker could send a specially designed query through JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •