CVE-2026-6211
8.7 HIGHUnrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc
Published: 2026-06-12 · Last updated: 2026-06-12
Severity and scoring
- CVSS
- 8.7 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
- CWE
- CWE-434
Description
Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-53724 — Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js
- CVE-2026-53787 — Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows un... (9.8 CRITICAL)
- CVE-2026-46489 — SolidInvoice is an open-source invoicing platform (8.1 HIGH)
- CVE-2026-11839 — Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc (9.9 CRITICAL)
- CVE-2026-7852 — Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc (9.8 CRITICAL)