Shodan
Vulnerabilities
Vulnerable Software
Phpgurukul:  >> Job Portal  Security Vulnerabilities
CVE-2024-8472
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through multiple parameters in /jobportal/index.php.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8473
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through user_email parameter in /jobportal/admin/login.php.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8469
SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/employee/index.php, and retrieve all the information stored in it.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8470
SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/vacancy/controller.php, and retrieve all the information stored in it.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8471
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through JOBID and USERNAME parameters in /jobportal/process.php.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8465
SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8466
SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8467
SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8468
SQL injection vulnerability, by which an attacker could send a specially designed query through search parameter in /jobportal/index.php, and retrieve all the information stored in it.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-05
CVE-2024-8464
SQL injection vulnerability, by which an attacker could send a specially designed query through JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved