CVE-2026-2164 | detronetdip E-commerce 1.0.0 addadhar.php File unrestricted upload (Issue 23)

A vulnerability has been found in detronetdip E-commerce 1.0.0 and classified as critical. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of the argument File results in unrestricted upload.

This vulnerability is known as CVE-2026-2164. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-2164 | detronetdip E-commerce 1.0.0 addadhar.php File unrestricted upload (Issue 23)

Post correlati

CVE-2025-46339 | FreshRSS up to 1.26.1 Feed Favicon acceptance of extraneous untrusted data with trusted data (GHSA-8f79-3q3w-43c4)

CVE-2023-5117 | GitLab Community Edition/Enterprise Edition up to 17.5.x exposure of sensitive information due to incompatible policies

CVE-2023-44283 | Dell SupportAssist for Home PCs access control (dsa-2023-401)

CVE-2025-58917 | Quantities and Units for WooCommerce Plugin up to 1.0.13 on WordPress cross site scripting