CVE-2026-1111 | Sanluan PublicCMS up to 5.202506.d Task Template Management TaskTemplateAdminController.java save path path traversal

A vulnerability was found in Sanluan PublicCMS up to 5.202506.d and classified as critical. This impacts the function Save of the file com/publiccms/controller/admin/sys/TaskTemplateAdminController.java of the component Task Template Management Handler. Such manipulation of the argument path leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-1111. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-1111 | Sanluan PublicCMS up to 5.202506.d Task Template Management TaskTemplateAdminController.java save path path traversal

Post correlati

CVE-2024-28186 | freescout up to 1.8.123 send_log log file (GHSA-7wcq-2qmv-mvcm)

CVE-2024-45185 | Samsung Mobile Processor/Wearable Processor/Modem Exynos GPRS Protocol out-of-bounds write

CVE-2024-13453 | smub Contact Form & SMTP Plugin up to 2.6.0 on WordPress Shortcode code injection

CVE-2024-40961 | Linux Kernel up to 6.9.6 fib6_nh_init null pointer dereference