CVE-2026-36722

Published June 9th, 2026

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file.

CC-T-454455/Vulnerabilities

Or2 | Or2 | Or2

GitHub