CVE-2026-53767 & CVE-2026-53768: Authenticated RCE via Chained Upload Path Bypass in Chyrp Lite
The full content is hidden while this post is being revised. Please check back soon.