Unrealdawn

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical issue has been found in the Seeker Profile Handler component, affecting some unknown processing of the file / parse/ call main search ajax.php. The manipulation of the argument `s1` leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For code-projects Job Recruitment version 1.0, as a temporary workaround, consider restricting access to the ` call main search ajax.php` file until a patch is available. Avoid using the argument `s1` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical vulnerability was found in the code of code-projects Job Recruitment. This issue affects the unknown code of the file / parse/ call job/search ajax.php of the component Job Post Handler. The manipulation of the argument `n` leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For code-projects Job Recruitment version 1.0, as a temporary workaround, consider restricting access to the `/parse/ call job/search ajax.php` endpoint until a patch is available. Avoid using the argument `n` in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical vulnerability has been found in code-projects Job Recruitment, affecting an unknown part of the file / parse/ feedback system.php. The manipulation of the `person` argument leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the ` feedback system.php` file until a patch is available. Restrict access to the `/parse/ feedback system.php` endpoint to minimize the risk of exploitation. Avoid using the `person` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical issue has been found in the function `add req` of the file `/ parse/ all edits.php`. The manipulation of the argument `jid/limit` leads to SQL injection. The attack can be initiated remotely. **Recommendations** As a temporary workaround, consider disabling the `add req` function until a patch is available. Restrict access to the `/ parse/ all edits.php` file to minimize the risk of exploitation. Avoid using the argument `jid/limit` in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical issue was found in the `add xp` function of the file `/ parse/ all edits.php`. The manipulation of the `job company` argument leads to SQL injection. This issue can be exploited remotely. Other parameters might also be affected. **Recommendations** For code-projects Job Recruitment version 1.0, update to the latest version and implement proper input sanitization to prevent SQL injection. As a temporary workaround, consider restricting access to the `add xp` function in the `/ parse/ all edits.php` file until a patch is available. Additionally, avoid using the `job company` argument in the affected function until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A critical issue has been found in the code-projects Job Recruitment system, affecting an unknown functionality of the file / parse/ all edits.php. The manipulation of the `skillset` argument leads to SQL injection. This issue can be exploited remotely. The exploit has been publicly disclosed and may be used. An attacker could gain unauthorized access to protected information and execute arbitrary code by sending a specially crafted request. Recommendations: For code-projects Job Recruitment version 1.0, as a temporary workaround, consider disabling the ` all edits.php` script or restricting access to the `skillset` parameter in the affected API endpoint until a patch is available. Avoid using the `skillset` parameter in the `/parse/ all edits.php` endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** code-projects Task Manager version 1.0 **Description** A critical issue was found in code-projects Task Manager. This affects an unknown part of the file /newProject.php. The manipulation of the `projectName` argument leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For version 1.0, update to the latest release to mitigate risks. Ensure you apply remediation steps immediately to protect your data. As a temporary workaround, consider restricting access to the `/newProject.php` file until a patch is available. Avoid using the `projectName` argument in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A high-severity vulnerability has been identified in code-projects Job Recruitment. The vulnerability affects an unknown functionality of the file /register.php. The manipulation of the argument `e/role` leads to cross-site scripting. The attack can be launched remotely. **Recommendations** To mitigate risks, update to the latest version of code-projects Job Recruitment. As a temporary workaround, consider restricting access to the `/register.php` file until a patch is available. Avoid using the `e/role` argument in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical vulnerability was found in the code-projects Job Recruitment software. The issue affects an unknown function of the file /index.php. The manipulation of the `email` argument leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For code-projects Job Recruitment version 1.0, update to the latest version immediately to mitigate risks. As a temporary workaround, consider restricting access to the `/index.php` file or disabling the unknown function until a patch is available. Avoid using the `email` argument in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** code-projects Job Recruitment version 1.0 **Description** A critical issue has been found in code-projects Job Recruitment, affecting the processing of the file /activation.php. The manipulation of the `e hash` argument leads to sql injection. The attack may be initiated remotely. **Recommendations** For code-projects Job Recruitment version 1.0, update to the latest release to mitigate risks. As a temporary workaround, consider restricting access to the /activation.php file until a patch is available. Avoid using the `e hash` argument in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** code-projects E-Health Care System version 1.0 **Description** A critical issue has been found in the file /Admin/adminlogin.php, where the manipulation of the `email` and `admin pswd` arguments as part of a String leads to sql injection. The attack may be launched remotely. The issue affects some unknown functionality of the file. **Recommendations** For code-projects E-Health Care System version 1.0, consider disabling the `/Admin/adminlogin.php` file or restricting access to it until a patch is available. Avoid using the `email` and `admin pswd` parameters in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.