Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8463 | 1 Phpgurukul | 1 Job Portal | 2024-09-12 | N/A | 8.8 HIGH |
| File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell. | |||||
| CVE-2024-8473 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through user_email parameter in /jobportal/admin/login.php. | |||||
| CVE-2024-8472 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through multiple parameters in /jobportal/index.php. | |||||
| CVE-2024-8471 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through JOBID and USERNAME parameters in /jobportal/process.php. | |||||
| CVE-2024-8470 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/vacancy/controller.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8469 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/employee/index.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8468 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through search parameter in /jobportal/index.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8467 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8466 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8465 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8464 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it. | |||||