CVE-2026-36722
CVE-2026-36722 is an authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3. The issue allows an attacker with valid credentials to upload a crafted file and potentially execute arbitrary code. All documented sources describe the same vulnerabili...