CVE-2026-1445

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:L/Au:M/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions iJason-Liu Books Manager versions prior to 298ba736387ca37810466349af13a0fdf828e99c

Description A flaw exists in iJason-Liu Books Manager that allows for unrestricted file uploads. This issue is related to the manipulation of the book cover argument within the file controllers/books center/upload bookCover.php. The attack can be initiated remotely. The exploit has been publicly released.

Recommendations Versions prior to 298ba736387ca37810466349af13a0fdf828e99c should be updated. As a temporary workaround, restrict access to the file controllers/books center/upload bookCover.php until a patch is available. Avoid uploading files through the book cover parameter until the issue is resolved.

Exploit

Fix

Unrestricted File Upload

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434CWE-284

Related Identifiers

CVE-2026-1445

Affected Products

Ijason-Liu Books Manager

CVE-2026-1445

Weakness Enumeration

Related Identifiers

Affected Products

References · 6