CVE-2026-36767 | shopizer 3.2.5 POST /content/images/add path traversal (ID 1091)

April 30, 2026 Yanac

A vulnerability, which was classified as critical, has been found in shopizer 3.2.5. This impacts an unknown function of the file /content/images/add of the component POST Handler. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-36767. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2026-36761 | thinkgem JeeSite 5.15.1 /msg/msgInner/save msgContent cross site scripting
CVE-2026-36763 | chillzhuang SpringBlade 4.8.0 submit content cross site scripting