CVE Catalog

CVE-2026-40750

CriticalCVSS 9.9
Published: Updated: Translated: NVD NIST

Summary

CVE-2026-40750 vulnerability in themagnifico52 Kids Online Store allows unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server.

Risk Assessment

Exploitation of this vulnerability could lead to server takeover, posing a serious threat to the security of organizational data and systems.

Recommendation

It is recommended to implement restrictions on file types that can be uploaded and to deploy scanning mechanisms to detect and block dangerous files.

Original NVD description (English source)

Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.8.9.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS