10degres
  • Blog
  • CVEs
  • Services
  • Press
  • About

CVE-2020-7229

January 19, 2020 One minute read
sql injection

An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landing_location. The function is countSearchedJobs(). The file is _lib/class.Job.php.

  • mitre: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7229
  • public announcement: https://github.com/niteosoft/simplejobscript/issues/7