VYPR
Medium severity4.7NVD Advisory· Published Feb 9, 2026· Updated Apr 29, 2026

CVE-2026-2226

CVE-2026-2226

Description

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sql_filename leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Douco/Douphp2 versions
    cpe:2.3:a:douco:douphp:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:douco:douphp:*:*:*:*:*:*:*:*range: <=1.9
    • (no CPE)range: <=1.9

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.