Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-0262 | 1 Projectworlds | 1 Online Job Portal | 2024-05-17 | 3.3 LOW | 4.8 MEDIUM |
| A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Admin/News.php of the component Create News Page. The manipulation of the argument News with the input </title><scRipt>alert(0x00C57D)</scRipt> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249818 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-46679 | 1 Projectworlds | 1 Online Job Portal | 2024-02-28 | N/A | 9.8 CRITICAL |
| Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname_email' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-46677 | 1 Projectworlds | 1 Online Job Portal | 2024-02-28 | N/A | 9.8 CRITICAL |
| Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||