CVE-2026-5261 in InforCenter PLM
Resumen (Inglés)
A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Divulgación
2026-04-01
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 354450 | Shandong Hoteam InforCenter PLM BaseHandler.ashx uploadFileToIIS escalada de privilegios | 434 | Prueba de concepto | No está definido | CVE-2026-5261 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV