Entrepreneur Job Portal Script
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-17596 | Cri | 0.67 | 9.8 | 0.03 | Dec 13, 2017 | Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter. | ||
| CVE-2018-20641 | Hig | 0.57 | 8.8 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. | ||
| CVE-2018-20643 | Med | 0.42 | 6.5 | 0.02 | Mar 21, 2019 | PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | ||
| CVE-2018-20642 | Med | 0.42 | 6.5 | 0.02 | Mar 21, 2019 | PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field. | ||
| CVE-2018-20639 | Med | 0.40 | 6.1 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar. | ||
| CVE-2018-20640 | Med | 0.35 | 5.4 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field. | ||
| CVE-2018-20138 | Med | 0.35 | 5.4 | 0.01 | Dec 13, 2018 | PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541. | ||
| CVE-2018-7469 | Med | 0.31 | 4.8 | 0.01 | Feb 28, 2018 | PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the p_name (aka Edit Category Name) field to admin/categories_industry.php (aka Categories - Industry Type). |
- risk 0.67cvss 9.8epss 0.03
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
- risk 0.57cvss 8.8epss 0.01
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.
- risk 0.42cvss 6.5epss 0.02
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
- risk 0.42cvss 6.5epss 0.02
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field.
- risk 0.40cvss 6.1epss 0.01
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar.
- risk 0.35cvss 5.4epss 0.01
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field.
- risk 0.35cvss 5.4epss 0.01
PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541.
- risk 0.31cvss 4.8epss 0.01
PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the p_name (aka Edit Category Name) field to admin/categories_industry.php (aka Categories - Industry Type).