1 matches found
CVE-2026-36669
An unauthenticated arbitrary file upload vulnerability in ckuploadhandler.php in Feng Office 3.11.13.11 allows remote attackers to upload malicious files such as .html to the web-accessible /tmp/ directory...