VYPR
Vendor

Online Job Portal

Products
1
CVEs
9
Across products
9
Status
Private

Products

1

Recent CVEs

9
  • CVE-2024-8470CriSep 5, 2024
    risk 0.64cvss 9.8epss 0.00

    SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/vacancy/controller.php, and retrieve all the information stored in it.

  • CVE-2024-8466CriSep 5, 2024
    risk 0.64cvss 9.8epss 0.00

    SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it.

  • CVE-2024-8465CriSep 5, 2024
    risk 0.64cvss 9.8epss 0.00

    SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it.

  • CVE-2023-49689CriDec 22, 2023
    risk 0.64cvss 9.8epss 0.01

    Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49688CriDec 22, 2023
    risk 0.64cvss 9.8epss 0.01

    Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49681CriDec 21, 2023
    risk 0.64cvss 9.8epss 0.01

    Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49677CriDec 21, 2023
    risk 0.64cvss 9.8epss 0.01

    Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2020-29241MedJan 26, 2021
    risk 0.31cvss 4.8epss 0.01

    Online News Portal using PHP/MySQLi 1.0 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML via the "Title" parameter.

  • CVE-2024-0262LowJan 7, 2024
    risk 0.16cvss 2.4epss 0.01

    A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Admin/News.php of the component Create News Page. The manipulation of the argument News with the input…