CVE-2024-13093

Name of the Vulnerable Software and Affected Versions code-projects Job Recruitment version 1.0

Description A critical issue has been found in the Seeker Profile Handler component, affecting some unknown processing of the file / parse/ call main search ajax.php. The manipulation of the argument s1 leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For code-projects Job Recruitment version 1.0, as a temporary workaround, consider restricting access to the call main search ajax.php file until a patch is available. Avoid using the argument s1 in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.