CVE-2023-49690

Name of the Vulnerable Software and Affected Versions Job Portal version 1.0

Description The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The WalkinId parameter of the "Employer/DeleteJob.php" resource does not validate the characters received, and they are sent unfiltered to the database.

Recommendations For Job Portal version 1.0, as a temporary workaround, consider restricting access to the "Employer/DeleteJob.php" resource until a patch is available. Avoid using the WalkinId parameter in the affected resource until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.