CNNVD-202511-972 Information
CNNVD ID
CNNVD-202511-972
Related CVE
- CNNVD Published: 2025-11-10
Description (Chinese)
Code-Projects Online Job Search Engine是Code-Projects的一个在线求职引擎。 Code-Projects Online Job Search Engine 1.0版本存在SQL注入漏洞,该漏洞源于对文件/login.php中参数username/phone的错误操作,可能导致SQL注入攻击。
Description (English)
Code-Projects Online Job Search Engineering is an online job search engine for Code-Projects. The Code-Projects Online Job Search Engineering Version 1.0 contains an injection loophole in SQL, which stems from an error in the use of the parameter username/phone in the document/login.php, which may result in an SQL injection attack.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
Code-Projects
Published
2025-11-10
Last Modified
2026-02-24
References
https://code-projects.org/ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Online%20Job%20Search%20Engine.md https://github.com/lakshayyverma/CVE-Discovery/blob/main/Online%20Job%20Search%20Engine.md#proof-of-concept-poc https://vuldb.com/?ctiid.331648 https://vuldb.com/?id.331648 https://vuldb.com/?submit.681740
Share on: