CVE-2024-11127: code-projects Job Recruitment admin.php sql injection
First published: Tue Nov 12 2024(Updated: )
A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Anisha Job Recruitment | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-11127?
CVE-2024-11127 has been declared as a critical vulnerability.
How do I fix CVE-2024-11127?
To fix CVE-2024-11127, update the Anisha Job Recruitment software to a patched version that addresses the SQL injection vulnerability.
What functionality is affected by CVE-2024-11127?
CVE-2024-11127 affects an unknown functionality of the admin.php file due to improper handling of the userid parameter.
What type of attack can be executed via CVE-2024-11127?
CVE-2024-11127 allows for a remote SQL injection attack, potentially compromising the database.
Which software versions are impacted by CVE-2024-11127?
CVE-2024-11127 impacts Anisha Job Recruitment version 1.0.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/source
- vendor/anisha
- canonical/anisha job recruitment
- version/anisha job recruitment/1.0