CVE-2020-7229

January 19, 2020 One minute read

An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landing_location. The function is countSearchedJobs(). The file is _lib/class.Job.php.

mitre: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7229
public announcement: https://github.com/niteosoft/simplejobscript/issues/7