RSS   Podatności dla 'Entrepreneur job portal script'   RSS

2019-03-21
 
CVE-2018-20643

CWE-22
 

 
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.

 
 
CVE-2018-20642

CWE-119
 

 
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field.

 
 
CVE-2018-20641

CWE-352
 

 
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

 
 
CVE-2018-20640

CWE-79
 

 
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field.

 
 
CVE-2018-20639

CWE-79
 

 
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar.

 
2018-02-28
 
CVE-2018-7469

CWE-79
 

 
PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the p_name (aka Edit Category Name) field to admin/categories_industry.php (aka Categories - Industry Type).

 
2017-12-13
 
CVE-2017-17596

CWE-89
 

 
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top