Entrepreneur Job Portal Script Project: >> Entrepreneur Job Portal Script Security Vulnerabilities
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-03-21
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-03-21
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-03-21
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-03-21
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-03-21
PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the p_name (aka Edit Category Name) field to admin/categories_industry.php (aka Categories - Industry Type).
CVSS Score
4.8
EPSS Score
0.002
Published
2018-02-28
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
CVSS Score
9.8
EPSS Score
0.025
Published
2017-12-13