Sanluan PublicCMS Task Template Management TaskTemplateAdminController.java save path traversal

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Sanluan PublicCMS up to 5.202506.d. This impacts the function Save of the file com/publiccms/controller/admin/sys/TaskTemplateAdminController.java of the component Task Template Management Handler. Such manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-1111

Source VulDB

Published Jan 18, 2026 at 05:32

Affected Product

Vendor Sanluan

Product PublicCMS

Version 5.202506.a

Affected Versions Sanluan PublicCMS 5.202506.a
Sanluan PublicCMS 5.202506.b
Sanluan PublicCMS 5.202506.c
Sanluan PublicCMS 5.202506.d

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Sanluan PublicCMS up to 5.202506.d. This impacts the function Save of the file com/publiccms/controller/admin/sys/TaskTemplateAdminController.java of the component Task Template Management Handler. Such manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-01-18T05:32:05.496Z",
    "modified": "2026-01-18T05:32:05.496Z",
    "type": "cve",
    "title": "Sanluan PublicCMS Task Template Management TaskTemplateAdminController.java save path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.341703\nhttps://vuldb.com/?ctiid.341703\nhttps://vuldb.com/?submit.732726\nhttps://github.com/AnalogyC0de/public_exp/issues/2",
    "id": "CVE-2026-1111",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Sanluan PublicCMS 5.202506.a\nSanluan PublicCMS 5.202506.b\nSanluan PublicCMS 5.202506.c\nSanluan PublicCMS 5.202506.d",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PublicCMS",
    "version": "5.202506.a",
    "vendor": "Sanluan",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Sanluan PublicCMS Task Template Management TaskTemplateAdminController.java save path traversal_CVE-2026-1111