CVE-2026-2226 | DouPHP up to 1.9 ZIP File /admin/file.php sql_filename unrestricted upload

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability labeled as critical has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sql_filename leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2026-2226. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-2226 | DouPHP up to 1.9 ZIP File /admin/file.php sql_filename unrestricted upload

Post correlati

CVE-2024-48257 | Wavelog 1.8.5 Oqrs_model.php get_worked_modes station_id sql injection

CVE-2024-30057 | Microsoft Edge up to 124.0.2478.109 on iOS unknown vulnerability

CVE-2024-33027 | Qualcomm Snapdragon Auto up to XR1 Platform GPU Page Table memory corruption

CVE-2024-32739 | CyberPower PowerPanel Enterprise up to 2.8.2 MCUDBHelper query_ptask_verbose sql injection