Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Simple Job Script SQL injection: hackers can steal data
CVE-2019-25498
Summary
The Simple Job Script has a security weakness that allows hackers to break into the database and steal sensitive information. This can happen when the script doesn't properly check user input, allowing malicious code to be injected. To stay safe, update the script to properly validate user input.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| simplejobscript | simplejobscript | <= 1.66 | – |
Original title
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landing_location parameter. Attacker...
Original description
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landing_location parameter. Attackers can send POST requests to the searched endpoint with malicious SQL payloads to bypass authentication and extract sensitive database information.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
- https://www.exploit-db.com/exploits/46612 Exploit VDB Entry
- https://www.vulncheck.com/advisories/simple-job-script-sql-injection-via-searche... Third Party Advisory
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026