Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Apr 7, 2026
4images 1.9 - Remote Command Execution (RCE)
CVE-2022-50806
Description
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php endpoint with a crafted cat_id parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 1.9
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/51147mitreexploit
- www.vulncheck.com/advisories/images-remote-command-execution-rcemitrethird-party-advisory
- www.4homepages.demitreproduct
News mentions
0No linked articles in our index yet.