{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7044", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-25T16:01:42.025Z", "datePublished": "2026-04-26T13:30:09.575Z", "dateUpdated": "2026-04-27T16:41:31.003Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-26T13:30:09.575Z"}, "title": "GreenCMS index.php themeadd unrestricted upload", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-434", "lang": "en", "description": "Unrestricted Upload"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "Improper Access Controls"}]}], "affected": [{"vendor": "n/a", "product": "GreenCMS", "versions": [{"version": "2.0", "status": "affected"}, {"version": "2.1", "status": "affected"}, {"version": "2.2", "status": "affected"}, {"version": "2.3", "status": "affected"}], "cpes": ["cpe:2.3:a:greencms:greencms:*:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-25T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-25T18:06:52.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "R21Z20 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/359623", "name": "VDB-359623 | GreenCMS index.php themeadd unrestricted upload", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359623/cti", "name": "VDB-359623 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/798530", "name": "Submit #798530 | https://github.com/GreenCMS/GreenCMS GreenCMS v2.3 arbitrary file deletion", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ueh1013/VULN/issues/21", "tags": ["exploit", "issue-tracking"]}], "tags": ["unsupported-when-assigned"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T16:41:15.385521Z", "id": "CVE-2026-7044", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T16:41:31.003Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"tags": ["unsupported-when-assigned"], "title": "GreenCMS index.php themeadd unrestricted upload", "credits": [{"lang": "en", "type": "reporter", "value": "R21Z20 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:a:greencms:greencms:*:*:*:*:*:*:*:*"], "vendor": "n/a", "product": "GreenCMS", "versions": [{"status": "affected", "version": "2.0"}, {"status": "affected", "version": "2.1"}, {"status": "affected", "version": "2.2"}, {"status": "affected", "version": "2.3"}]}], "timeline": [{"lang": "en", "time": "2026-04-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-25T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-25T18:06:52.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/359623", "name": "VDB-359623 | GreenCMS index.php themeadd unrestricted upload", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359623/cti", "name": "VDB-359623 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/798530", "name": "Submit #798530 | https://github.com/GreenCMS/GreenCMS GreenCMS v2.3 arbitrary file deletion", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ueh1013/VULN/issues/21", "tags": ["exploit", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "Unrestricted Upload"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "Improper Access Controls"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-26T13:30:09.575Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-7044", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-27T16:41:15.385521Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-04-27T16:41:26.651Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-7044", "state": "PUBLISHED", "dateUpdated": "2026-04-26T13:30:09.575Z", "dateReserved": "2026-04-25T16:01:42.025Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-26T13:30:09.575Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [{"sourceIdentifier": "cna@vuldb.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "id": "CVE-2026-7044", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-26T22:17:32.057", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/ueh1013/VULN/issues/21"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/798530"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359623"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359623/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-434"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "GreenCMS", "source": "cna", "vendor": "n/a"}, "product": "greencms", "vendor": "greencms"}], "analysis": {"en": {"generated_at": "2026-04-28T05:07:32.540091+00:00", "value": {"mitigation_remediation": ["Upgrade or patch GreenCMS to a version that fixes the themeadd file\u2011upload issue.", "If a patch is not immediately available, disable the themeadd functionality or restrict the upload endpoint to accept only whitelisted image extensions and enforce strict server\u2011side validation.", "Reconfigure the web server to serve uploaded files from a directory with execute permissions disabled, ensuring that any user\u2011supplied file cannot be run as code."], "summary": {"action": "Apply Patch", "impact": "Remote File Upload"}, "threat_synthesis": {"affected_systems": "GreenCMS versions up to 2.3 are affected. The vulnerability appears in the admin theme addition interface and is only present in releases that are no longer supported by the maintainer. No specific sub\u2011versions are listed beyond the general \"up to 2.3\" range.", "description_and_impact": "The vulnerability resides in GreenCMS\u2019s themeadd function located at /index.php?m=admin&c=custom&a=themeadd and allows an attacker to upload any file type without restriction, potentially facilitating the placement of malicious code on the server. The flaw is identified with CWE-284 (Improper Access Control) and CWE-434 (Unrestricted Upload of File with Dangerous Type). The CVSS score of 5.3 reflects a moderate severity, primarily due to the remote file upload capability and the fact that the exploit is publicly available, though the description does not explicitly state that code execution is guaranteed. The impact is that an attacker could place executable files or web shells in the upload directory, thereby gaining further foothold if the server is improperly configured to execute uploaded content.", "risk_and_exploitability": "The EPSS score is listed as less than 1\u202f%, indicating that the probability of exploitation is low at present. The vulnerability is not included in the CISA KEV catalog, which suggests that active, widespread exploitation has not been reported. Nonetheless, because the attack can be launched remotely and the exploit has been made public, the risk remains for unpatched systems. Attackers would need to craft a request to the themeadd endpoint and supply a file of their choosing; if the server allows the file to be executed, further compromise could occur. The overall risk is moderate due to the lower probability of exploitation, but it warrants timely remediation to prevent a potential escalation."}}}}, "created": "2026-04-27T20:20:22.920500+00:00", "updated": "2026-04-28T05:15:22.940314+00:00", "vendors": ["greencms", "greencms$PRODUCT$greencms"]}