CVE-2026-7043 | GreenCMS up to 2.3 index.php?m=admin&c=custom&a=pluginadd pluginAddLocal unrestricted upload

Inserito da Angelo Barbosa | Apr 25, 2026 | CVE

A vulnerability has been found in GreenCMS up to 2.3 and classified as critical. This impacts the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to unrestricted upload. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is documented as CVE-2026-7043. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-7043 | GreenCMS up to 2.3 index.php?m=admin&c=custom&a=pluginadd pluginAddLocal unrestricted upload

Post correlati

CVE-2024-42181 | HCL DRYiCE MyXalytics 6.3 Communication Channel cleartext transmission (KB0118149)

CVE-2025-22890 | Humming Heads Defense Platform Home Edition up to 3.9.51.x unnecessary privileges

CVE-2024-8515 | themesflat Themesflat Addons For Elementor Plugin up to 2.2.1 on WordPress TF E Slider Widget/TF Video Widget/TF Team Widget cross site scripting

CVE-2024-20270 | Cisco BroadWorks Application Delivery Platform Web-based Management Interface cross site scripting (cisco-sa-broadworks-xss-6syj82Ju)