CVE-2026-6573 | PHPEMS 11.0 Instant Exam Creation exams.master.php temppage uploadfile server-side request forgery

A vulnerability, which was classified as critical, was found in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery.

This vulnerability is identified as CVE-2026-6573. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More