CVE-2026-38930

Published: Mag 27, 2026 Last Modified: Mag 27, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter.

http://openrapid.com
http://openrapid.com
http://rapidcms.com
http://rapidcms.com
https://moworn.github.io/post/cve-2026-38930/
https://moworn.github.io/post/cve-2026-38930/