CVE-2026-41463 - ProjeQtor < 12.4.4 ZipSlip Path Traversal via uploadPlugin.php
CVE ID :CVE-2026-41463 Published : April 27, 2026, 3:09 p.m. | 51 minutes ago Description :ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality that allows authenticated attackers with upload permissions to write files outside
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] My project against Malicious Browser Extensions
- [CYBER] Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025)
- [CYBER] Litecoin Rewrites Transaction History After Exploit, Apologizes for Social Posts
- [CYBER] Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary
- [CYBER] Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary
- [CYBER] DeFi community raises $238M to save Aave from KelpDAO exploit fallout - Startup Fortune