anonhaven
Ad

CVE-2026-35174

CRITICAL CVSS 3.1: 9.1 EPSS 0.46%
Updated Apr 07, 2026
PHP
Parameter Value
CVSS 9.1 (CRITICAL)
Fixed In 2026.01
Type CWE-73 (External Control of File Name or Path), CWE-434 (Unrestricted File Upload), CWE-22 (Path Traversal)
Vendor PHP
Public PoC No

Chyrp Lite is an ultra-lightweight blogging engine. Prior to 2026.01, a path traversal vulnerability exists in the administration console that allows an administrator or a user with Change Settings permission to change the uploads path to any folder. This vulnerability allows the user to download any file on the server, including config.json.php with database credentials and overwrite critical system files, leading to remote code execution.

This vulnerability is fixed in 2026.01.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Privileges Required
High
Admin privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-73 External Control of File Name or Path
CWE-434 Unrestricted File Upload
CWE-22 Path Traversal

References 1

https://github.com/xenocrat/chyrp-lite/security/advisories/GHSA-p6pf-2grm-8257
security-advisories@github.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-6409

PHP

7.1

CVE-2026-37347

PHP

9.1

CVE-2026-37346

PHP

4.7

CVE-2026-37345

PHP

9.8

CVE-2026-37344

PHP

7.2