CVE-2026-7071 PUBLISHED

A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file and directory information exposure. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

• imad alvi (VulDB User) reporter

• VDB-359646 | CodeAstro Online Job Portal user-cvs file information disclosure
• VDB-359646 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #799236 | CodeAstro Online Job Portal Project in PHP MySQL 1.0 Improper Access Controls
• https://github.com/Xmyronn/CodeAstro-Job-Portal-Unauthenticated-Resume-Exposure
• https://codeastro.com/

• File and Directory Information Exposure CWE
• Information Disclosure CWE