Product
A remote SQL injection vulnerability (CVE-2026-8133) exists in zyx0814 FilePress up to version 2.2.0 via the Shares Filelist API by manipulating the argument order, potentially leading to unauthorized data access or modification.