Skip to main content

CodeAstro Online Job Portal CVE-2026-7071

| EUVD-2026-25747 MEDIUM
Insertion of Sensitive Information into Externally-Accessible File (CWE-538)
2026-04-27 VulDB
Information Disclosure
5.5
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

6
PoC Detected
Apr 27, 2026 - 18:39 vuln.today
Public exploit code
Analysis Generated
Apr 27, 2026 - 01:29 vuln.today
CVSS changed
Apr 27, 2026 - 01:22 NVD
5.3 (MEDIUM) 5.5 (MEDIUM)
EUVD ID Assigned
Apr 27, 2026 - 01:15 euvd
EUVD-2026-25747
Analysis Generated
Apr 27, 2026 - 01:15 vuln.today
CVE Published
Apr 27, 2026 - 00:30 nvd
MEDIUM 5.5

DescriptionNVD

A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file and directory information exposure. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

AnalysisAI

CodeAstro Online Job Portal 1.0 exposes file and directory information through the /users/user-cvs/ endpoint via remote unauthenticated access, allowing attackers to enumerate and retrieve sensitive resume and user data. The vulnerability has publicly available exploit code and affects all versions of the application via the CPE cpe:2.3:a:codeastro:online_job_portal:*:*:*:*:*:*:*:*. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-7071 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy