Vulnerabilities > Jobberbase > Jobberbase

DATE CVE VULNERABILITY TITLE RISK
2020-02-05 CVE-2019-20447 SQL Injection vulnerability in Jobberbase 2.0
Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endpoint.
network
low complexity
jobberbase CWE-89
7.5
7.5
2019-09-09 CVE-2019-16125 SQL Injection vulnerability in Jobberbase 2.0
In Jobberbase 2.0, the parameter category is not sanitized in public/page_subscribe.php, leading to /subscribe SQL injection.
network
low complexity
jobberbase CWE-89
critical
 9.8
9.8