kalyan02 NanoCMS User Information pagesdata.txt direct request_CVE-2026-1978

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of the component User Information Handler. Performing a manipulation results in direct request. It is possible to initiate the attack remotely. The exploit is now public and may be used. You should change the configuration settings.

Basic Information

ID CVE-2026-1978

Source VulDB

Published Feb 6, 2026 at 04:02

Affected Product

Vendor kalyan02

Product NanoCMS

Version 0.1

Affected Versions kalyan02 NanoCMS 0.1
kalyan02 NanoCMS 0.2
kalyan02 NanoCMS 0.3
kalyan02 NanoCMS 0.4

CWE Classification

CWE-425

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of the component User Information Handler. Performing a manipulation results in direct request. It is possible to initiate the attack remotely. The exploit is now public and may be used. You should change the configuration settings.",
    "published": "2026-02-06T04:02:07.172Z",
    "modified": "2026-02-06T04:02:07.172Z",
    "type": "cve",
    "title": "kalyan02 NanoCMS User Information pagesdata.txt direct request",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344500\nhttps://vuldb.com/?ctiid.344500\nhttps://vuldb.com/?submit.743260\nhttps://github.com/kalyan02/NanoCMS/blob/master/data/pagesdata.txt\nhttps://github.com/kalyan02/NanoCMS/",
    "id": "CVE-2026-1978",
    "bulletinFamily": "",
    "cwe": [
        "CWE-425"
    ],
    "cvelist": null,
    "sourceData": "kalyan02 NanoCMS 0.1\nkalyan02 NanoCMS 0.2\nkalyan02 NanoCMS 0.3\nkalyan02 NanoCMS 0.4",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NanoCMS",
    "version": "0.1",
    "vendor": "kalyan02",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}