CVE-2026-28507

Idno: Remote Code Execution via Chained Import File Write and Template Path Traversal

Description

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4.

INFO

Published Date :

2026-03-06T04:12:43.557Z

Last Modified :

2026-03-06T16:08:06.876Z

Source :

GitHub_M

AFFECTED PRODUCTS

The following products are affected by CVE-2026-28507 vulnerability.

Vendors	Products
Idno	Idno

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-28507.

URL	Resource
https://github.com/idno/idno/releases/tag/1.6.4
https://github.com/idno/idno/security/advisories/GHSA-37j7-56xc-c468

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability