CVE-2026-60121 | VITEC Flamingo 4.12.2 Admin AJAX Endpoint admin/ajax/ping.php escapeshellarg/shell_exec host os command injection

SecurityVulns

A vulnerability was found in VITEC Flamingo 4.12.2. It has been classified as very critical. Affected by this vulnerability is the function escapeshellarg/shell_exec of the file admin/ajax/ping.php of the component Admin AJAX Endpoint. This manipulation of the argument host causes os command injection.

This vulnerability appears as CVE-2026-60121. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More