Security Advisory

CVE-2026-36767

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-30 00:00:00

Last updated 2026-04-30 17:37:10

Assigner mitre

State PUBLISHED

Description

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request.

← Browse all CVEs View on cve.org ↗