Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

shimosyan

Source -

CNA

BOS Name -

N/A

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
1Vulnerabilities found

CVE-2026-56124
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.36% / 28.54%
||
7 Day CHG~0.00%
Published-29 Jun, 2026 | 13:47
Updated-29 Jun, 2026 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
phpUploader < 2.0.2 Unauthenticated Database Exposure via index model

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the complete JSON-encoded result set in an inline script block, exposing uploader IP addresses, Argon2ID key hashes, internal filenames, and SHA-256 fingerprints.

Action-Not Available
Vendor-shimosyan
Product-phpUploader
CWE ID-CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
CWE ID-CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere