CVE-2024-12968

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Dec 26, 2024

Updated: Dec 27, 2024

CWE ID 74

CWE ID 89

Summary

CVE-2024-12968 is a critical vulnerability that affects the code-projects Job Recruitment 1.0 software. The issue lies within the edit_jobpost function in the file /_parse/_all_edits.php, which is susceptible to SQL injection. Attackers can exploit this vulnerability remotely by manipulating the argument jobtype. The exploit for this vulnerability has been made public, increasing the risk of attacks. It's essential to note that other parameters in the software may also be affected.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Job Recruitment

Affected Vendors

Code Projects

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/17SzbD
https://www.cve.org/CVERecord?id=CVE-2024-12968
https://nvd.nist.gov/vuln/detail/CVE-2024-12968

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners