THREATOPS
THREAT OPSCVEs › CVE-2026-48939

CVE-2026-48939 — iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability

CISA KEVExploited: confirmediCagenda

iCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.

Vulnerability details

Related reporting