PHP JOBWEBSITE PRO Multiple Vulnerabilities

vendor:

PHP JOBWEBSITE PRO

by:

SecurityFocus

8.8

CVSS

HIGH

SQL-injection and Cross-site Scripting

89, 79

CWE

Product Name: PHP JOBWEBSITE PRO

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

PHP JOBWEBSITE PRO Multiple Vulnerabilities

PHP JOBWEBSITE PRO is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

Input validation should be used to ensure that untrusted data is not used to execute unintended commands or access data that the user should not be allowed to access.

Source

PHP JOBWEBSITE PRO Multiple Vulnerabilities

Mitigation:

Exploit-DB raw data: