CVE-2026-56124
CVE-2026-56124 affects phpUploader prior to 2.0.2. An unauthenticated information-disclosure flaw exists where the index model runs an unbounded SELECT and embeds the full JSON-encoded result set in an inline script, exposing uploader IP addresses, Argon2ID key hashes, internal filenames, and SHA...