Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrepreneur_job_portal_script_project | entrepreneur_job_portal_script | 2.0.6 |
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrepreneur_job_portal_script_project | entrepreneur_job_portal_script | 3.0.1 |
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrepreneur_job_portal_script_project | entrepreneur_job_portal_script | 3.0.1 |
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrepreneur_job_portal_script_project | entrepreneur_job_portal_script | 3.0.1 |
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrepreneur_job_portal_script_project | entrepreneur_job_portal_script | 3.0.1 |
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrepreneur_job_portal_script_project | entrepreneur_job_portal_script | 3.0.1 |
PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the p_name (aka Edit Category Name) field to admin/categories_industry.php (aka Categories - Industry Type).
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrepreneur_job_portal_script_project | entrepreneur_job_portal_script | 2.0.9 |