CVE-2024-1972 – SourceCodester Online Job Portal EditProfile.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-1972
A vulnerability was found in SourceCodester Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Employer/EditProfile.php. The manipulation of the argument Address leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://prnt.sc/gtk7Fj43Qwy9 https://vuldb.com/?ctiid.255128 https://vuldb.com/?id.255128 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-1922 – SourceCodester Online Job Portal Manage Job Page ManageJob.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-1922
A vulnerability has been found in SourceCodester Online Job Portal 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Employer/ManageJob.php of the component Manage Job Page. The manipulation of the argument Qualification/Description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://prnt.sc/WD3nof5FsEBv https://prnt.sc/zw3SnPnfpKGu https://vuldb.com/?ctiid.254857 https://vuldb.com/?id.254857 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-1919 – SourceCodester Online Job Portal Manage Walkin Page ManageWalkin.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-1919
A vulnerability classified as problematic was found in SourceCodester Online Job Portal 1.0. This vulnerability affects unknown code of the file /Employer/ManageWalkin.php of the component Manage Walkin Page. The manipulation of the argument Job Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://prnt.sc/1W0g0F8vv2mw https://vuldb.com/?ctiid.254854 https://vuldb.com/?id.254854 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-0262 – Online Job Portal Create News Page News.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-0262
A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Admin/News.php of the component Create News Page. The manipulation of the argument News with the input </title><scRipt>alert(0x00C57D)</scRipt> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://mega.nz/file/zEsxyIYQ#re6pHT-2OGX9SNk1OpygDCQYu1RpBiOrQ_2QS6beRos https://vuldb.com/?ctiid.249818 https://vuldb.com/?id.249818 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-46679 – Online Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
https://notcve.org/view.php?id=CVE-2023-46679
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname_email' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database. Online Job Portal v1.0 es afectado por múltiples vulnerabilidades de inyección SQL no autenticada. El parámetro 'txt_uname_email' del recurso index.php no valida los caracteres recibidos y se envían sin filtrar a la base de datos. • https://fluidattacks.com/advisories/netrebko https://projectworlds.in • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •