CVE-2026-10260— CodeAstro Online Job Portal delete-jobs.php sql injection
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CodeAstro | Online Job Portal | 1.0 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-10260
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CodeAstro Online Job Portal delete-jobs.php sql injection
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was detected in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /admin/jobs-admins/delete-jobs.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| CodeAstro | Online Job Portal | 1.0 | cpe:2.3:a:codeastro:online_job_portal:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-10260
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-10260
请登录查看更多情报信息。
News Coverage for CVE-2026-10260 (1)
Same Patch Batch · CodeAstro · 2026-06-01 · 3 CVEs total
| CVE-2026-10261 | 7.3 HIGH | CodeAstro Online Job Portal application_status.php sql injection |
| CVE-2026-10235 | 6.3 MEDIUM | CodeAstro Ingredients Stock Management System stock_manager.php sql injection |
IV. Related Vulnerabilities
Same product: Online Job Portal
- CVE-2026-10261
CodeAstro Online Job Portal application_status.php sql injec - CVE-2026-7071
CodeAstro Online Job Portal user-cvs file information disclo - CVE-2026-7028
CodeAstro Online Job Portal All Jobs delete-jobs.php sql inj - CVE-2026-6201
CodeAstro Online Job Portal Delete Job Posting job-delete.ph - CVE-2024-1972
SourceCodester Online Job Portal EditProfile.php cross site
Same vendor: CodeAstro
- CVE-2026-10261
CodeAstro Online Job Portal application_status.php sql injec - CVE-2026-10235
CodeAstro Ingredients Stock Management System stock_manager. - CVE-2026-9542
CodeAstro Leave Management System add_staff.php sql injectio - CVE-2026-8231
CodeAstro Online Catering Ordering System deleteorder.php sq - CVE-2026-8132
CodeAstro Leave Management System login.php sql injection
Same weakness: CWE-89
- CVE-2026-45722
Nextcloud: Tables app allows limited SQLi in ORDER BY with m - CVE-2026-45545
Nextcloud: SQL Injection in Column Type Parameter Allows Arb - CVE-2026-42672
WordPress WP Directory Kit plugin <= 1.5.1 - SQL Injection v - CVE-2026-10265
itsourcecode Content Management System edit_topic.php sql in - CVE-2026-10263
SourceCodester Computer Repair Shop Management System manage
V. Comments for CVE-2026-10260
No comments yet