CVE-2026-1978 | kalyan02 NanoCMS up to 0.4 User Information /data/pagesdata.txt direct request

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of the component User Information Handler. Performing a manipulation results in direct request.

This vulnerability is cataloged as CVE-2026-1978. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

You should change the configuration settings.

CVE-2026-1978 | kalyan02 NanoCMS up to 0.4 User Information /data/pagesdata.txt direct request

Post correlati

CVE-2025-44180 | PHPGurukul Vehicle Record Management System 1.0 /edit-brand.php bid cross site scripting

CVE-2024-49194 | Databricks JDBC Driver up to 2.6.39 JNDI krbJAASFile injection

CVE-2024-25103 | CDAC AppSamvid up to 2.0.1 untrusted search path (CIVN-2024-0081)

CVE-2024-8040 | Dassault Systèmes 3DSwymer authorization