Vulnerabilities

CVE-2026-36962

by Fred · 11/05/2026

SQL Injection in MuuCMF T6 v1.9.4.20260115 allows an unauthenticated attacker to compromise the entire database, achieve unauthorized administrative access, and potentially gain remote code execution by writing malicious files to the server’s file system via the keyword parameter in the /index/controller/Search.php endpoint.

More information : https://gitee.com/dameng100/muucmf

Similar

Tags: Cybersecurity Alert