Medium severity5.3NVD Advisory· Published Mar 30, 2026· Updated Apr 2, 2026
CVE-2026-29909
CVE-2026-29909
Description
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- github.com/qflksheep/CVE-2026-29909-MRCMS-vulnerability/blob/main/README.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.