CVE-2026-16219 | Croogo CMS up to 4.0.7 Admin File Manager FileManager.php FileManager::isEditable path traversal (Issue 1008)

SecurityVulns

A vulnerability marked as critical has been reported in Croogo CMS up to 4.0.7. This affects the function FileManager::isEditable of the file FileManager/src/Utility/FileManager.php of the component Admin File Manager. This manipulation causes path traversal.

This vulnerability is handled as CVE-2026-16219. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More