CVE-2026-37748 | Visitor Management System 1.0 admin_user_insert.php move_uploaded_file unrestricted upload

A vulnerability was found in Visitor Management System 1.0 and classified as critical. Affected by this issue is the function move_uploaded_file of the file vms/php/admin_user_insert.php. Such manipulation leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2026-37748. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More