Tpadmin

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-2113 HIGH POC This Week

Unsafe deserialization in yuan1994 tpadmin versions up to 1.3.12 allows remote attackers to execute arbitrary code via the WebUploader preview.php component without authentication. Public exploit code exists for this vulnerability, and affected installations running unsupported versions face immediate risk. The flaw enables complete system compromise with no patch available from the maintainer.

PHP Deserialization Tpadmin

NVD GitHub VulDB

CVSS 3.1

7.3

EPSS

0.0%

CVE-2026-2113

EPSS 0% CVSS 7.3

HIGH POC This Week

Unsafe deserialization in yuan1994 tpadmin versions up to 1.3.12 allows remote attackers to execute arbitrary code via the WebUploader preview.php component without authentication. Public exploit code exists for this vulnerability, and affected installations running unsupported versions face immediate risk. The flaw enables complete system compromise with no patch available from the maintainer.

PHP Deserialization Tpadmin

NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy