CVE-2026-9421

CVSS v3.1

7.3

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions KLiK SocialMediaWebsite version 1.0

Description An issue exists in the File Handler component within the uniqid() function of the upload.inc.php file. This flaw allows for unrestricted file upload, which can be initiated remotely.

Recommendations As a temporary workaround, consider restricting access to the upload.inc.php file or disabling the uniqid() function within the File Handler component until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-434

Related Identifiers

CVE-2026-9421

Affected Products

Klik Socialmediawebsite

CVE-2026-9421

Weakness Enumeration

Related Identifiers

Affected Products

References · 5