CVE-2026-36962

Published: Mag 11, 2026 Last Modified: Mag 11, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

SQL Injection in MuuCMF T6 v1.9.4.20260115 allows an unauthenticated attacker to compromise the entire database, achieve unauthorized administrative access, and potentially gain remote code execution by writing malicious files to the server's file system via the keyword parameter in the /index/controller/Search.php endpoint.

https://gitee.com/dameng100/muucmf

https://thinhneee.github.io/posts/muucmf-sqli/

CVE-2026-36962

Description

Iscriviti alla newsletter