Sharp CMS Path Traversal Vulnerability (CVE-2026-33686)
A path traversal vulnerability exists in Sharp CMS versions prior to 9.20.0 due to improper sanitization of file extensions, potentially allowing attackers to bypass security restrictions and access sensitive files.
Sharp CMS, a content management framework built for Laravel, is vulnerable to a path traversal attack. This vulnerability affects versions prior to 9.20.0 and stems from the FileUtil class not properly sanitizing file extensions. The flaw allows attackers to manipulate file paths by injecting path separators, potentially leading to unauthorized file access or manipulation within the storage layer. The vulnerability resides in the FileUtil::explodeExtension() function within…
Detection coverage 2
SharpCMS Path Traversal Upload
highDetects file upload attempts with path traversal sequences targeting Sharp CMS.
SharpCMS Suspicious File Extension
criticalDetects requests with suspicious file extensions after a directory traversal
Detection queries are kept inside the platform. Get full rules →