CVE-2026-7578 | MacCMS Pro up to 2022.1.3 Plugin Installation add.html install unrestricted upload

A vulnerability, which was classified as critical, was found in MacCMS Pro up to 2022.1.3. This vulnerability affects the function install of the file /admi.php/admin/addon/add.html of the component Plugin Installation Handler. Executing a manipulation can lead to unrestricted upload.

This vulnerability appears as CVE-2026-7578. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-7578 | MacCMS Pro up to 2022.1.3 Plugin Installation add.html install unrestricted upload

Post correlati

CVE-2024-25522 | RuvarOA 6.01/12.01 wf_work_form_save.aspx office_missive_id sql injection

CVE-2025-20033 | Mattermost up to 9.11.5/10.0.3/10.1.3/10.2.0/10.3.0 improper validation of specified type of input

CVE-2024-53647 | Trend Micro ID Security up to 3.0 Email Verification resource consumption

CVE-2024-39876 | Siemens SINEMA Remote Connect Server up to 3.2 allocation of resources (ssa-381581)