Description

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request.

INFO

Published Date :

2026-04-30T00:00:00.000Z

Last Modified :

2026-04-30T17:37:10.570Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2026-36767 vulnerability.

Vendors Products
Shopizer
  • Shopizer
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-36767.

URL Resource
https://github.com/shopizer-ecommerce/shopizer cve-icon cve-icon
https://github.com/shopizer-ecommerce/shopizer/issues/1091 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System