CVE-2026-6201

CodeAstro Online Job Portal Delete Job Posting job-delete.php access control

CVSS 5.3 MEDIUMEPSS 0.3%CWE-266 CWE-284

A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manipulation of the argument ID leads to improper access controls. The attack can be launched remotely. The exploit is publicly available and might be used.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Productos afectados

CodeAstro · Online Job Portal

PoCs públicas encontradas — 1

cve_referencegithub.com/Xmyronn/CodeAstro-Online-Job-Portal-IDOR.gitno verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://codeastro.com/https://github.com/Xmyronn/CodeAstro-Online-Job-Portal-IDOR.git https://vuldb.com/submit/797515 https://vuldb.com/vuln/357123 https://vuldb.com/vuln/357123/cti