CVE-2026-3795 | doramart DoraCMS 3.0.x v1.js createFileBypath path traversal

Inserito da Angelo Barbosa | Mar 8, 2026 | CVE

A vulnerability classified as critical has been found in doramart DoraCMS 3.0.x. Impacted is the function createFileBypath of the file /DoraCMS/server/app/router/api/v1.js. Performing a manipulation results in path traversal.

This vulnerability is identified as CVE-2026-3795. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-3795 | doramart DoraCMS 3.0.x v1.js createFileBypath path traversal

Post correlati

CVE-2023-50990 | Tenda i29 1.0.0.5 sysScheduleRebootSet rebootTime buffer overflow

CVE-2025-7542 | PHPGurukul User Registration & Login and User Management System /admin/user-profile.php sql injection

CVE-2024-27459 | OpenVPN up to 2.6.9 Data stack-based overflow

CVE-2025-9265 | Kiloview NDI N30 prior 2.02.0246 origin validation