SQL injection vulnerability in Job Portal

The impact of this SQL injection vulnerability is severe. An attacker can leverage it to extract sensitive data stored within the Job Portal database. This could include user credentials, personal information, financial details, or any other data the application stores. Successful exploitation could lead to complete database compromise, allowing the attacker to modify or delete data, gain administrative access, or even execute arbitrary code on the server. The blast radius extends to all users of the Job Portal application and any systems connected to the database.

Organizations utilizing Job Portal for recruitment and applicant tracking are at significant risk. This includes businesses of all sizes, particularly those relying on the application for sensitive candidate data. Shared hosting environments where multiple applications share the same database are also at increased risk, as a compromise of one application could potentially expose data from others.

• php / server:

grep -r "SELECT.*FROM" /var/www/jobportal/

• generic web:

curl -X POST -d "CATEGORY='; DROP TABLE users;--" http://your-jobportal-url/jobportal/admin/category/controller.php | grep "ERROR"

1. 2024-09-05Disclosure

   disclosure

1. 已保留2024-09-05
2. 发布日期2024-09-05
3. EPSS 更新日期2026-04-02

The primary mitigation for CVE-2024-8466 is to upgrade to Job Portal version 1.0.1 or later, which contains the necessary fix. If immediate upgrading is not possible, consider implementing a Web Application Firewall (WAF) rule to filter out potentially malicious SQL queries targeting the CATEGORY parameter. Input validation and sanitization on the server-side can also help reduce the attack surface. Thoroughly review and update any existing database access controls to limit the potential damage from a successful attack. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection payload through the CATEGORY parameter and verifying that it is properly sanitized.