SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the login.php component.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact total

Affected Vendors & Products

Vendors Products
Online Job Portal Project
  • Online Job Portal

Configuration 1 [-]

cpe:2.3:a:online_job_portal_project:online_job_portal:2020:*:*:*:*:*:*:*

No data.

References
Link Providers
https://gist.github.com/ae6e361b/30d56c116d9f727b91c418d044f42fd3 cve-icon cve-icon
https://github.com/ae6e361b/Online-Job-Portal cve-icon cve-icon
https://www.sourcecodester.com/php/14518/online-job-portal-php-full-source-code-2020.html cve-icon cve-icon
History

Tue, 24 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-09-22T00:00:00

Updated: 2024-09-24T15:49:17.483Z

Reserved: 2023-09-18T00:00:00

Link: CVE-2023-43468

cve-icon Vulnrichment

Updated: 2024-08-02T19:44:42.249Z

cve-icon NVD

Status : Analyzed

Published: 2023-09-23T00:15:20.303

Modified: 2023-09-25T13:52:41.227

Link: CVE-2023-43468

cve-icon Redhat

No data.