Campcodes Online Job Finder System Vulnerable to SQL Injection
CVE-2024-2668

6.5MEDIUM

Key Information:

Vendor: Campcodes
Status: Online Job Finder System
Vendor: CVE Published:; 20 March 2024

What is CVE-2024-2668?

A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/vacancy/controller.php. The manipulation of the argument id/CATEGORY leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257368.

References

https://vuldb.com/?id.257368

https://vuldb.com/?ctiid.257368

https://github.com/E1CHO/cve_hub/blob/main/Online%20Job%2...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2024