CVE-2026-36767 - Shopizer Path Traversal File Write Vulnerability
CVE ID :CVE-2026-36767 Published : April 30, 2026, 5:16 p.m. | 1 hour, 26 minutes ago Description :A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request. Severity: 10.0 |
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] 'Nearly two-thirds of spam came from US-based infrastructure': Your free Gmail account could be helping criminals send 46% of all commercial spam while wearing down employees with email fatigue
- [CYBER] Clever Raspberry Pi hack gets Sony's PS5 controller working properly on a gaming PC over Bluetooth
- [CYBER] Chinese hackers vulnerable to U.S. arrest if they travel, FBI official says
- [CYBER] FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'
- [CYBER] After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
- [CYBER] New Bluekit phishing service includes an AI assistant, 40 templates