Vendor
A remote unrestricted file upload vulnerability (CVE-2026-15488) exists in hcr707305003 shiroiAdmin versions 1.1 and 1.3, allowing attackers to upload arbitrary files by manipulating the 'File' argument in FileController::upload, potentially leading to remote code execution.