إرسال #846744: code-projects Online Job Portal 1.0 SQL Injectionالمعلومات

عنوانcode-projects Online Job Portal 1.0 SQL Injection
الوصفAn unauthenticated SQL injection vulnerability exists in login.php of the Online Job Portal System 1.0. The application fails to properly sanitize user-supplied input for the txtUser and txtPass parameters before concatenating them into SQL queries. An unauthenticated remote attacker can exploit this flaw by injecting specially crafted SQL payloads, leading to authentication bypass, unauthorized access to the administrative panel, and full database disclosure, including administrator credentials and sensitive PII from job seekers and employers.
المصدر⚠️ https://github.com/aiyuyuyu/cve/blob/main/job_portal_sql.md
المستخدم
 yuyuyu (UID 97935)
ارسال03/06/2026 08:38 AM (1 شهر منذ)
الاعتدال03/07/2026 08:53 PM (1 month later)
الحالةتمت الموافقة
إدخال VulDB376174 [code-projects Online Job Portal 1.0 login.php txtUser/txtPass حقن SQL]
النقاط20

Want to know what is going to be exploited?

We predict KEV entries!