CVE-2024-11077

Name of the Vulnerable Software and Affected Versions code-projects Job Recruitment version 1.0

Description A critical vulnerability was found in the code-projects Job Recruitment software. The issue affects an unknown function of the file /index.php. The manipulation of the email argument leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations For code-projects Job Recruitment version 1.0, update to the latest version immediately to mitigate risks. As a temporary workaround, consider restricting access to the /index.php file or disabling the unknown function until a patch is available. Avoid using the email argument in the affected API endpoint until the issue is resolved.