Description
An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application fails to validate file extensions and MIME types, permitting the upload of arbitrary PHP scripts to the publicly accessible "/uploads/files/" directory where they can be executed directly by the web server.
Published: 2026-06-30
Score: 8.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An Unrestricted File Upload flaw in Redeight CMS 1.0 allows a logged‑in attacker to upload any file through the "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application does not verify file extensions or MIME types, so the attacker can place arbitrary PHP scripts into the publicly accessible "/uploads/files/" directory and execute them directly via the web server, achieving remote code execution.

Affected Systems

The vulnerability exists in Redeight CMS version 1.0. No other vendors or product versions are listed as affected.

Risk and Exploitability

The flaw has a CVSS score of 8.6, indicating high severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Because the exploit requires authentication, attackers must first gain access to an administrator account, after which they can upload a malicious script and execute it on the host. Successful exploitation can lead to full system compromise.

Generated by OpenCVE AI on June 30, 2026 at 12:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Redeight CMS to a patched release that validates file uploads and rejects disallowed types.
  • Configure the web server to disable execution of PHP or other code in the "/uploads/files/" directory, for example by adding a .htaccess rule or server block restriction.
  • Implement server‑side upload filtering to allow only approved file extensions and MIME types, rejecting any files that do not match the allowed list.
  • Audit existing uploads for hidden malicious code and remove any that are found.
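The server-side allowlist filtering described in the recommendations above, written as an added example (not code from Redeight CMS or OpenCVE); the allowed types, the upload path and the `storeUpload` function name are assumptions.

```php
<?php
// Added example, not Redeight CMS code. Hardened upload handling for a
// PHP CMS: allowlist the extension, verify the real content type, discard
// the client filename, and store under a non-executable name/mode.
declare(strict_types=1);

// Assumed allowlist: extension => MIME type the file bytes must actually have.
const ALLOWED = [
    'png' => 'image/png',
    'jpg' => 'image/jpeg',
    'pdf' => 'application/pdf',
];
// Assumed path. Pair this with a web-server rule that denies execution
// here, e.g. in Apache: <FilesMatch "\.php$"> Require all denied </FilesMatch>
const UPLOAD_DIR = '/var/www/uploads/files';

/**
 * Validate one $_FILES entry and store it. Returns the stored filename,
 * throws RuntimeException on any rejection (caller decides how to report).
 */
function storeUpload(array $file): string
{
    if (($file['error'] ?? -1) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload missing or failed');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not a file uploaded via HTTP POST');
    }
    // 1. Extension must be on the allowlist (last extension, lowercased).
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED)) {
        throw new RuntimeException("extension not allowed: .$ext");
    }
    // 2. Do not trust the client-supplied $file['type']; sniff the bytes.
    $detected = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($detected !== ALLOWED[$ext]) {
        throw new RuntimeException("content $detected does not match .$ext");
    }
    // 3. Random server-chosen name: no path components, no client-controlled
    //    extension, so a double extension or traversal in $file['name'] is moot.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = UPLOAD_DIR . '/' . $stored;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644); // readable, never executable
    return $stored;
}

// Usage in the upload handler: $name = storeUpload($_FILES['file']);
```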

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 11:45:00 +0000

Type | Values Removed | Values Added
Description | | An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application fails to validate file extensions and MIME types, permitting the upload of arbitrary PHP scripts to the publicly accessible "/uploads/files/" directory where they can be executed directly by the web server.
Title | | Remote Code Execution in Redeight CMS
Weaknesses | | CWE-434
References | |
Metrics | | cvssV4_0 {'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L'}

MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published:

Updated: 2026-06-30T12:16:06.117Z

Reserved: 2026-06-10T14:02:39.879Z

Link: CVE-2026-53691

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T12:30:13Z

Weaknesses
  • CWE-434: Unrestricted Upload of File with Dangerous Type