2 matches found
CVE-2019-15129
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to access all candidates' files in the photo folder on the website by specifying a "user id" parameter and file name, such as in a recruitmentonline/upload/user/userid/photo/filename URI...
CVE-2019-15129
The CVE-2019-15129 entry concerns the Recruitment module of Humanica Humatrix (versions 7 1.0.0.203 and 1.0.0.681). Affected component/file access path recruitment_online/upload/user/[user_id]/photo/[file_name] allows an unauthenticated attacker to access all candidates’ files stored in the photo...