CVE-2025-12928
A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.
| Software | From | Fixed in |
|---|---|---|
| fabian / online_job_search_engine | 1.0 | 1.0.x |
- https://code-projects.org/
- https://github.com/lakshayyverma/CVE-Discovery/blob/main/Online%20Job%20Search%20Engine.md
- https://github.com/lakshayyverma/CVE-Discovery/blob/main/Online%20Job%20Search%20Engine.md#proof-of-concept-poc
- https://vuldb.com/?ctiid.331648
- https://vuldb.com/?id.331648
- https://vuldb.com/?submit.681740
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime