Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2026-8134
Received
More InfoOfficial Page
Source-ff5b8ace-8b95-4078-9743-eac1ca5451de
View Known Exploited Vulnerability (KEV) details
Published At-21 May, 2026 | 21:16
Updated At-21 May, 2026 | 21:16

Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue administrator with composer form editing rights can exploit this to include arbitrary readable files on the server. Combined with the file uploader's extension-only validation (which permits PHP code in files saved with image extensions like .png), this can result in authenticated remote code execution. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 9.4 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H   Thanks Yonatan Drori (Tenzai) for reporting.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.4CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 9.4
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-23Secondaryff5b8ace-8b95-4078-9743-eac1ca5451de
CWE-98Secondaryff5b8ace-8b95-4078-9743-eac1ca5451de
CWE-434Secondaryff5b8ace-8b95-4078-9743-eac1ca5451de
CWE ID: CWE-23
Type: Secondary
Source: ff5b8ace-8b95-4078-9743-eac1ca5451de
CWE ID: CWE-98
Type: Secondary
Source: ff5b8ace-8b95-4078-9743-eac1ca5451de
CWE ID: CWE-434
Type: Secondary
Source: ff5b8ace-8b95-4078-9743-eac1ca5451de
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://documentation.concretecms.org/9-x/developers/introduction/version-history/951-release-notesff5b8ace-8b95-4078-9743-eac1ca5451de
N/A
Hyperlink: https://documentation.concretecms.org/9-x/developers/introduction/version-history/951-release-notes
Source: ff5b8ace-8b95-4078-9743-eac1ca5451de
Resource: N/A
Change History
0Changes found
Details not found