Unrated severityNVD Advisory· Published Mar 4, 2026· Updated Apr 7, 2026
Simple Job Script SQL Injection via get_job_applications_ajax.php
CVE-2019-25499
Description
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the job_id parameter. Attackers can send POST requests to get_job_applications_ajax.php with malicious job_id values to bypass authentication, extract sensitive data, or modify database contents.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 1.66
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.exploit-db.com/exploits/46612mitreexploit
- www.vulncheck.com/advisories/simple-job-script-sql-injection-via-get-job-applications-ajaxphpmitrethird-party-advisory
News mentions
0No linked articles in our index yet.