4 matches found
CVE-2026-26279
Froxlor is open source server administration software. Prior to 2.3.4, a typo in Froxlor's input validation code == instead of = completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings in the...
CVE-2026-26279 Froxlor Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command Injection
Froxlor is open source server administration software. Prior to 2.3.4, a typo in Froxlor's input validation code == instead of = completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings in the...
EUVD-2026-9340
Froxlor is open source server administration software. Prior to 2.3.4, a typo in Froxlor's input validation code == instead of = completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings in the...
CVE-2026-26279
CVE-2026-26279 affects Froxlor before 2.3.4. A typo in input validation (using == instead of =) prevents email fields from being validated, allowing an authenticated admin to store arbitrary strings in panel_adminmail. That value is later interpolated into a shell command executed as root by a cr...