CVE-2026-35174
CVE-2026-35174 affects Chyrp Lite (ultra-lightweight blogging engine) with a path traversal flaw in the administration console, present prior to 2026.01. The vulnerability lets an administrator or a user with Change Settings permission manipulate the uploads path to arbitrary folders, enabling do...