PT-2024-17834 · Code Projects · Code-Projects Job Recruitment

Unrealdawn · Published 2024-12-26 · Updated 2024-12-31 · CVE-2024-12963

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

code-projects Job Recruitment version 1.0

Description

A critical issue was found in the add_xp function of the file /_parse/_all_edits.php. The manipulation of the job_company argument leads to SQL injection. This issue can be exploited remotely. Other parameters might also be affected.

Recommendations

For code-projects Job Recruitment version 1.0, update to the latest version and implement proper input sanitization to prevent SQL injection. As a temporary workaround, consider restricting access to the add_xp function in the /_parse/_all_edits.php file until a patch is available. Additionally, avoid using the job_company argument in the affected function until the issue is resolved.

Exploit

Fix

Special Elements Injection

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2024-12963

Affected Products: Code-Projects Job Recruitment