CVE-2026-16219 | Croogo CMS up to 4.0.7 Admin File Manager FileManager.php FileManager::isEditable path traversal (Issue 1008)
A vulnerability marked as critical has been reported in Croogo CMS up to 4.0.7. This affects the function FileManager::isEditable of the file FileManager/src/Utility/FileManager.php of the component Admin File Manager. This manipulation causes path traversal.
This vulnerability is handled as CVE-2026-16219. The attack can be initiated remotely. Additionally, an exploit exists.
The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More