Product

Vvveb < 1.0.8.3

2 briefs RSS

Vvveb Unrestricted File Upload Vulnerability (CVE-2026-41937)

Vvveb before 1.0.8.3 is vulnerable to unrestricted file upload, allowing super_admin users to execute arbitrary PHP code by uploading a malicious plugin ZIP file containing PHP code which is then accessible via HTTP requests.

Vvveb +1 file upload remote code execution web application

2r 1t 1c 1h ago

medium advisory

Vvveb Uncontrolled Recursion Denial of Service (CVE-2026-41935)

1 rule 2 TTPs 1 CVE

Vvveb before version 1.0.8.3 is vulnerable to an uncontrolled recursion vulnerability in the admin controller dispatch cycle that allows a low-privilege attacker to cause denial of service by exhausting PHP memory.

Vvveb +1 denial of service web application recursion

1r 2t 1c 1h ago