CVE-2023-49686

Name of the Vulnerable Software and Affected Versions Job Portal version 1.0

Description The issue concerns an Unauthenticated SQL Injection vulnerability. Specifically, the txtTotal parameter of the "Employer/InsertWalkin.php" resource does not validate the characters received, and they are sent unfiltered to the database. This lack of validation allows for potential SQL injection attacks.

Recommendations For Job Portal version 1.0, as a temporary workaround, consider validating and filtering the txtTotal parameter in the "Employer/InsertWalkin.php" resource to prevent SQL injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.