Home / Vulnerability Intelligence / CVE-2026-38751

CVE-2026-38751 - Vulnerability Analysis

N/a

Last Updated: May 4, 2026

OpenSTAManager - Unrestricted File Upload

Published: May 4, 2026Updated: May 4, 2026PoC Available

Overview

OpenSTAManager <= 2.10 contains an unrestricted file upload vulnerability in the update module (modules/aggiornamenti/upload_modules.php), letting attackers upload arbitrary files remotely, exploit requires no special privileges.

Severity & Score

Severity: N/a

Impact

Attackers can upload arbitrary files, potentially leading to remote code execution or system compromise.

Mitigation

Update to the latest version beyond 2.10.

References

https://github.com/fuutianyii/poc
https://github.com/devcode-it/openstamanager

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-38751
Severity: N/a
Type: unrestricted_file_upload
Status: new

CVSS Metrics

N/A