Security Vulnerabilities
A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-10-10
A vulnerability was detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown processing of the file /registration.php. Performing manipulation of the argument txtusername results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-10-10
A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-10
An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in /jeewms/cgUploadController.do. An attacker with normal privileges was able to upload a malicious file that would lead to remote code execution.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-10
A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-10
code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations.
CVSS Score
9.9
EPSS Score
0.0
Published
2025-10-10
code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS) vulnerability in the Add Room function of the online hotel reservation system. Malicious JavaScript code is entered in the Description field, which can leak the administrator's cookie information when browsing this room information
CVSS Score
4.1
EPSS Score
0.0
Published
2025-10-10
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file.
CVSS Score
9.4
EPSS Score
0.0
Published
2025-10-10
SourceCodester Online Student Clearance System 1.0 is vulnerable to Incorrect Access Control. The application contains a logic flaw which allows low privilege users can forge high privileged sessions and perform sensitive operations.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-10-10
code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-10-10