Medium severity6.3NVD Advisory· Published Apr 26, 2026· Updated Apr 29, 2026

CVE-2026-7044

Description

A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/ueh1013/VULN/issues/21nvd
vuldb.com/submit/798530nvd
vuldb.com/vuln/359623nvd
vuldb.com/vuln/359623/ctinvd

News mentions

No linked articles in our index yet.

cvss	0.410
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000