CVE-2019-25501

Name of the Vulnerable Software and Affected Versions Simple Job Script (affected versions not specified)

Description The software contains an SQL injection issue that allows manipulation of database queries through malicious SQL code. Attackers can exploit this by injecting code via the app id parameter. Specifically, attackers can send POST requests to the ''delete application ajax.php'' endpoint with crafted payloads. This can lead to the extraction of sensitive data, bypassing authentication mechanisms, or modification of database contents.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.