CVE-2026-46400 | haxtheweb haxcms-php up to 24.x File Content unrestricted upload (GHSA-ffxv-9qv2-v2v8)

A vulnerability has been found in haxtheweb haxcms-php up to 24.x and classified as critical. Affected by this vulnerability is an unknown functionality of the component File Content Handler. Performing a manipulation results in unrestricted upload.

This vulnerability was named CVE-2026-46400. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More