Online Recruitment Management System
Monthly
A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_user. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_recruitment_status. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=save_recruitment_status. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Critical SQL injection vulnerability in Campcodes Online Recruitment Management System version 1.0 affecting the /admin/ajax.php?action=save_application endpoint. An unauthenticated remote attacker can manipulate the position_id parameter to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with proof-of-concept code available, making active exploitation likely.
Critical SQL injection vulnerability in Campcodes Online Recruitment Management System version 1.0, affecting the authentication endpoint at /admin/ajax.php?action=login. An unauthenticated remote attacker can manipulate the Username parameter to execute arbitrary SQL queries, potentially leading to unauthorized access, data exfiltration, or database manipulation. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk.
A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_user. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_recruitment_status. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=save_recruitment_status. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Critical SQL injection vulnerability in Campcodes Online Recruitment Management System version 1.0 affecting the /admin/ajax.php?action=save_application endpoint. An unauthenticated remote attacker can manipulate the position_id parameter to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with proof-of-concept code available, making active exploitation likely.
Critical SQL injection vulnerability in Campcodes Online Recruitment Management System version 1.0, affecting the authentication endpoint at /admin/ajax.php?action=login. An unauthenticated remote attacker can manipulate the Username parameter to execute arbitrary SQL queries, potentially leading to unauthorized access, data exfiltration, or database manipulation. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk.