CVE-2024-8467

Name of the Vulnerable Software and Affected Versions: Job Portal versions (affected versions not specified)

Description: The issue is related to a SQL injection vulnerability. An attacker could send a specially designed query through the id parameter in the "/jobportal/admin/category/index.php" endpoint and retrieve all the information stored in it.

Recommendations: As a temporary workaround, consider restricting access to the "/jobportal/admin/category/index.php" endpoint until a patch is available. Avoid using the id parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.