GCVE - cpe:2.3:a:kashipara:job_portal:1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kashipara:job_portal:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Kashipara (`6b7db86c-2a94-5a2d-adbe-6158c7191f84`)
Product	Job Portal (`9441ac77-720d-543c-8eb0-70a0db12374e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-49689`	vulnerable	2026-06-03 14:53:20.954110	Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) CRITICAL (9.8) Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database. Published: 2023-12-21T23:26:34.521Z Updated: 2024-08-02T22:01:25.695Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/pollini/ https://www.kashipara.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-49688`	vulnerable	2026-06-03 14:53:20.953849	Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) CRITICAL (9.8) Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. Published: 2023-12-21T23:21:04.511Z Updated: 2024-09-12T19:50:52.525Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/pollini/ https://www.kashipara.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-49681`	vulnerable	2026-06-03 14:53:20.953178	Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) CRITICAL (9.8) Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. Published: 2023-12-21T23:06:19.930Z Updated: 2024-09-12T19:52:13.964Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/pollini/ https://www.kashipara.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-49677`	vulnerable	2026-06-03 14:53:20.952498	Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) CRITICAL (9.8) Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. Published: 2023-12-21T22:57:02.575Z Updated: 2024-08-02T22:01:26.016Z Open on db.gcve.eu Reference links https://fluidattacks.com/advisories/pollini/ https://www.kashipara.com/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.