Medium severity5.3NVD Advisory· Published Aug 18, 2019· Updated Jun 17, 2026
CVE-2019-15129
CVE-2019-15129
Description
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to access all candidates' files in the photo folder on the website by specifying a "user id" parameter and file name, such as in a recruitment_online/upload/user/[user_id]/photo/[file_name] URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Humanica/Humatrixdescription
- Range: 1.0.0.203, 1.0.0.681
Patches
Vulnerability mechanics
References
1- gist.github.com/izadgot/38a7dd553f8024ed3154134dae0414fdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.