CVE-2026-1152 | technical-laohu mpay up to 1.2.4 QR Code Image codeimg unrestricted upload

Inserito da Angelo Barbosa | Gen 18, 2026 | CVE

A vulnerability was found in technical-laohu mpay up to 1.2.4 and classified as critical. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload.

This vulnerability is traded as CVE-2026-1152. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-1152 | technical-laohu mpay up to 1.2.4 QR Code Image codeimg unrestricted upload

Post correlati

CVE-2024-8534 | Citrix NetScaler ADC/NetScaler Gateway up to 29.71/37.206/55.33/55.320 VPN Vserver memory corruption (CTX691608)

CVE-2026-22197 | GestSup up to 3.2.56 Request Parameter sql injection

CVE-2023-50768 | Nexus Platform Plugin up to 3.18.0-03 on Jenkins cross-site request forgery

CVE-2025-23290 | NVIDIA GPU Display Driver R535/R570 Virtual GPU Manager information disclosure