CVE-2026-30761

Published: May 28, 2026

Modified: May 29, 2026

PUBLISHED

Description

An arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of SourceBans Material Admin v1.1.6 allows attackers to execute arbitrary code via uploading a crafted image file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/ng-dst/ca6663a4107fd39eaba1be2cb1d52b51

https://github.com/SB-MaterialAdmin/Web

https://github.com/SB-MaterialAdmin/Web/issues/374

https://gist.github.com/ng-dst/254163056c2d8a2f55259dcb79531b31

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-30761

Description

Affected Products

References