### [CVE-2020-8645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8645)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is job_id. The function is getJobApplicationsByJobId(). The file is _lib/class.JobApplication.php.

### POC

#### Reference
- https://github.com/niteosoft/simplejobscript/issues/9
- https://github.com/niteosoft/simplejobscript/issues/9

#### Github
No PoCs found on GitHub currently.