Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities by AREA 17

    CVE-2026-15518 (GCVE-0-2026-15518)

    Vulnerability from nvd – Published: 2026-07-13 00:45 – Updated: 2026-07-13 18:12
    VLAI
    Title
    AREA 17 Twill CMS Media Library Insert FileLibraryController.php storeFile unrestricted upload
    Summary
    A vulnerability has been found in AREA 17 Twill CMS up to 3.6.0. The impacted element is the function FileLibraryController::storeFile of the file src/Http/Controllers/Admin/FileLibraryController.php of the component Media Library Insert Page. Such manipulation of the argument qqfilename leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/377847 vdb-entrytechnical-description
    https://vuldb.com/vuln/377847/cti signaturepermissions-required
    https://vuldb.com/cve/CVE-2026-15518 third-party-advisory
    https://vuldb.com/submit/849572 third-party-advisory
    https://bytium.com/insights/authenticated-arbitra… exploit
    Impacted products
    Vendor Product Version
    AREA 17 Twill CMS Affected: 3.0
    Affected: 3.1
    Affected: 3.2
    Affected: 3.3
    Affected: 3.4
    Affected: 3.5
    Affected: 3.6.0
        cpe:2.3:a:area_17:twill_cms:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Jobyer Ahmed suffer (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15518",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-13T18:05:27.413526Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-13T18:12:11.633Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:area_17:twill_cms:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Media Library Insert Page"
              ],
              "product": "Twill CMS",
              "vendor": "AREA 17",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0"
                },
                {
                  "status": "affected",
                  "version": "3.1"
                },
                {
                  "status": "affected",
                  "version": "3.2"
                },
                {
                  "status": "affected",
                  "version": "3.3"
                },
                {
                  "status": "affected",
                  "version": "3.4"
                },
                {
                  "status": "affected",
                  "version": "3.5"
                },
                {
                  "status": "affected",
                  "version": "3.6.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jobyer Ahmed"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "suffer (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in AREA 17 Twill CMS up to 3.6.0. The impacted element is the function FileLibraryController::storeFile of the file src/Http/Controllers/Admin/FileLibraryController.php of the component Media Library Insert Page. Such manipulation of the argument qqfilename leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.8,
                "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-13T00:45:08.507Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377847 | AREA 17 Twill CMS Media Library Insert FileLibraryController.php storeFile unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377847"
            },
            {
              "name": "VDB-377847 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377847/cti"
            },
            {
              "name": "CVE-2026-15518 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15518"
            },
            {
              "name": "Submit #849572 | AREA 17 Twill CMS 3.6.0 Unrestricted File Upload",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/849572"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://bytium.com/insights/authenticated-arbitrary-file-upload-to-rce-in-twill-cms"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-12T13:16:13.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "AREA 17 Twill CMS Media Library Insert FileLibraryController.php storeFile unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15518",
        "datePublished": "2026-07-13T00:45:08.507Z",
        "dateReserved": "2026-07-12T11:11:09.587Z",
        "dateUpdated": "2026-07-13T18:12:11.633Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15518 (GCVE-0-2026-15518)

    Vulnerability from cvelistv5 – Published: 2026-07-13 00:45 – Updated: 2026-07-13 18:12
    VLAI
    Title
    AREA 17 Twill CMS Media Library Insert FileLibraryController.php storeFile unrestricted upload
    Summary
    A vulnerability has been found in AREA 17 Twill CMS up to 3.6.0. The impacted element is the function FileLibraryController::storeFile of the file src/Http/Controllers/Admin/FileLibraryController.php of the component Media Library Insert Page. Such manipulation of the argument qqfilename leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/377847 vdb-entrytechnical-description
    https://vuldb.com/vuln/377847/cti signaturepermissions-required
    https://vuldb.com/cve/CVE-2026-15518 third-party-advisory
    https://vuldb.com/submit/849572 third-party-advisory
    https://bytium.com/insights/authenticated-arbitra… exploit
    Impacted products
    Vendor Product Version
    AREA 17 Twill CMS Affected: 3.0
    Affected: 3.1
    Affected: 3.2
    Affected: 3.3
    Affected: 3.4
    Affected: 3.5
    Affected: 3.6.0
        cpe:2.3:a:area_17:twill_cms:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Jobyer Ahmed suffer (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15518",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-13T18:05:27.413526Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-13T18:12:11.633Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:area_17:twill_cms:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Media Library Insert Page"
              ],
              "product": "Twill CMS",
              "vendor": "AREA 17",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0"
                },
                {
                  "status": "affected",
                  "version": "3.1"
                },
                {
                  "status": "affected",
                  "version": "3.2"
                },
                {
                  "status": "affected",
                  "version": "3.3"
                },
                {
                  "status": "affected",
                  "version": "3.4"
                },
                {
                  "status": "affected",
                  "version": "3.5"
                },
                {
                  "status": "affected",
                  "version": "3.6.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jobyer Ahmed"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "suffer (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in AREA 17 Twill CMS up to 3.6.0. The impacted element is the function FileLibraryController::storeFile of the file src/Http/Controllers/Admin/FileLibraryController.php of the component Media Library Insert Page. Such manipulation of the argument qqfilename leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.8,
                "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "Unrestricted Upload",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-13T00:45:08.507Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377847 | AREA 17 Twill CMS Media Library Insert FileLibraryController.php storeFile unrestricted upload",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377847"
            },
            {
              "name": "VDB-377847 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377847/cti"
            },
            {
              "name": "CVE-2026-15518 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15518"
            },
            {
              "name": "Submit #849572 | AREA 17 Twill CMS 3.6.0 Unrestricted File Upload",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/849572"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://bytium.com/insights/authenticated-arbitrary-file-upload-to-rce-in-twill-cms"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-12T13:16:13.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "AREA 17 Twill CMS Media Library Insert FileLibraryController.php storeFile unrestricted upload"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15518",
        "datePublished": "2026-07-13T00:45:08.507Z",
        "dateReserved": "2026-07-12T11:11:09.587Z",
        "dateUpdated": "2026-07-13T18:12:11.633Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }