Description
A weakness has been identified in code-projects Online Job Portal 1.0. This affects an unknown function of the file /JobSeekerInsert.php. Executing a manipulation of the argument txtFile can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
Problem types
Product status
Timeline
| 2026-07-13: | Advisory disclosed |
| 2026-07-13: | VulDB entry created |
| 2026-07-13: | VulDB entry last update |
Credits
dazhi (VulDB User)
References
vuldb.com/vuln/378167 (VDB-378167 | code-projects Online Job Portal JobSeekerInsert.php unrestricted upload)
vuldb.com/vuln/378167/cti (VDB-378167 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-15677 (CVE-2026-15677 | CVE Analysis and Report)
vuldb.com/submit/855977 (Submit #855977 | code-projects Online Job Portal System 1.0 Allocation of File Descriptors or Handles Without Limits or Thro)
github.com/shihuizhang-dazhi/MY-CVE/issues/6
code-projects.org/