PT-2024-16779 · Unknown · Code-Projects Job Recruitment

Li_12138 · Published 2024-11-12 · Updated 2024-11-15 · CVE-2024-11127

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

code-projects Job Recruitment version 1.0

Description

A critical issue has been found in the code-projects Job Recruitment software. The problem affects an unknown functionality of the file admin.php. The manipulation of the userid argument leads to SQL injection. This issue can be exploited remotely. There is a potential for unauthenticated remote code execution via the userid in admin.php.

Recommendations

For code-projects Job Recruitment version 1.0, patch immediately and review logs for signs of exploitation. As a temporary workaround, consider restricting access to the admin.php file to minimize the risk of exploitation. Avoid using the userid argument in the affected functionality until the issue is resolved.

Exploit

Fix

Special Elements Injection

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2024-11127

Affected Products

Code-Projects Job Recruitment