MidnightBSD

Advisories for basic_job_site_script_project

CVE-2017-17642 HIGH

Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
basic_job_site_script_project basic_job_site_script 2.0.5
CVE-2017-17894 MEDIUM

Readymade Job Site Script has CSRF via the /job URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
basic_job_site_script_project basic_job_site_script -
CVE-2017-17895 HIGH

Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
basic_job_site_script_project basic_job_site_script -
CVE-2017-17896 MEDIUM

Readymade Job Site Script has XSS via the keyword parameter to the /job URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
basic_job_site_script_project basic_job_site_script -