PT-2026-38449 · Undefined · Undefined

Raneisha Justin

·

Publicado

2026-05-07

·

Atualizado

2026-05-07

·

CVE-2026-36387

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add members.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2026-36387

Produtos afetados

Undefined