CVE-2026-8133 | zyx0814 FilePress up to 2.2.0 Shares Filelist API dzz/shares/admin.php order sql injection (Issue 70)

Inserito da Angelo Barbosa | Mag 7, 2026 | CVE

A vulnerability categorized as critical has been discovered in zyx0814 FilePress up to 2.2.0. Affected by this vulnerability is an unknown functionality of the file dzz/shares/admin.php of the component Shares Filelist API. Such manipulation of the argument order leads to sql injection.

This vulnerability is uniquely identified as CVE-2026-8133. The attack can be launched remotely. Moreover, an exploit is present.

A patch should be applied to remediate this issue.

CVE-2026-8133 | zyx0814 FilePress up to 2.2.0 Shares Filelist API dzz/shares/admin.php order sql injection (Issue 70)

Post correlati

CVE-2024-34142 | Adobe Experience Manager up to 6.5.20 cross site scripting (apsb24-28)

CVE-2024-0564 | Linux Kernel up to 5.15.0-58 KSM memory corruption

CVE-2024-47832 | ssoready XML Parser signature verification (GHSA-j2hr-q93x-gxvh)

CVE-2024-13472 | wcproducttable WooCommerce Product Table Lite Plugin up to 3.9.4 on WordPress sc_attrs code injection