{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32756", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-13T18:53:03.532Z", "datePublished": "2026-03-19T23:08:03.470Z", "dateUpdated": "2026-03-20T17:07:02.484Z"}, "containers": {"cna": {"title": "Admidio: Unrestricted File Upload via CSRF Token Validation Bypass in Documents & Files Module", "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "lang": "en", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/Admidio/admidio/security/advisories/GHSA-95cq-p4w2-32w5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-95cq-p4w2-32w5"}, {"name": "https://github.com/Admidio/admidio/releases/tag/v5.0.7", "tags": ["x_refsource_MISC"], "url": "https://github.com/Admidio/admidio/releases/tag/v5.0.7"}], "affected": [{"vendor": "Admidio", "product": "admidio", "versions": [{"version": "< 5.0.7", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-19T23:08:03.470Z"}, "descriptions": [{"lang": "en", "value": "Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file extension restrictions by intentionally submitting an invalid CSRF token. This allows the upload of arbitrary file types, including PHP scripts, which may lead to Remote Code Execution on the server, resulting in full server compromise, data exfiltration, and lateral movement. This issue has been fixed in version 5.0.7."}], "source": {"advisory": "GHSA-95cq-p4w2-32w5", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-20T17:06:10.742686Z", "id": "CVE-2026-32756", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T17:07:02.484Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32756", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-20T17:06:10.742686Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T17:06:49.772Z"}}], "cna": {"title": "Admidio: Unrestricted File Upload via CSRF Token Validation Bypass in Documents & Files Module", "source": {"advisory": "GHSA-95cq-p4w2-32w5", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Admidio", "product": "admidio", "versions": [{"status": "affected", "version": "< 5.0.7"}]}], "references": [{"url": "https://github.com/Admidio/admidio/security/advisories/GHSA-95cq-p4w2-32w5", "name": "https://github.com/Admidio/admidio/security/advisories/GHSA-95cq-p4w2-32w5", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/Admidio/admidio/releases/tag/v5.0.7", "name": "https://github.com/Admidio/admidio/releases/tag/v5.0.7", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file extension restrictions by intentionally submitting an invalid CSRF token. This allows the upload of arbitrary file types, including PHP scripts, which may lead to Remote Code Execution on the server, resulting in full server compromise, data exfiltration, and lateral movement. This issue has been fixed in version 5.0.7."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-19T23:08:03.470Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32756", "state": "PUBLISHED", "dateUpdated": "2026-03-20T17:07:02.484Z", "dateReserved": "2026-03-13T18:53:03.532Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-19T23:08:03.470Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file extension restrictions by intentionally submitting an invalid CSRF token. This allows the upload of arbitrary file types, including PHP scripts, which may lead to Remote Code Execution on the server, resulting in full server compromise, data exfiltration, and lateral movement. This issue has been fixed in version 5.0.7."}], "id": "CVE-2026-32756", "lastModified": "2026-03-20T13:37:50.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-20T00:16:16.763", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/Admidio/admidio/releases/tag/v5.0.7"}, {"source": "security-advisories@github.com", "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-95cq-p4w2-32w5"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.0.7)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "admidio", "source": "cna", "vendor": "Admidio"}, "product": "admidio", "vendor": "admidio"}], "analysis": {"en": {"generated_at": "2026-03-20T00:23:05.579588+00:00", "value": {"mitigation_remediation": ["Upgrade Admidio to version 5.0.7 or later."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected software is Admidio (vendor product: Admidio:admidio). Only versions 5.0.6 and earlier are vulnerable. The flaw exists specifically in the Documents & Files module of those releases.", "description_and_impact": "Admidio versions 5.0.6 and earlier allow an authenticated user with upload permissions to bypass file extension checks by sending an invalid CSRF token. The flaw exists in the UploadHandlerFile.php module, permitting any file type, including PHP scripts, to be uploaded. As a result, an attacker can upload malicious code that is then executed on the server, leading to full server compromise, data exfiltration, and lateral movement. This vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type).", "risk_and_exploitability": "The CVSS base score is 8.8, indicating a high severity risk. Exploit probability is not available from EPSS, and the vulnerability is not listed in the CISA KEV catalog, suggesting it is not yet part of any known publicly exploited campaigns. Exploitation requires an authenticated user with upload permissions and the ability to submit a file via the upload interface; upon successful upload, malicious code can execute with the server\u2019s privileges, creating a potentially catastrophic security breach."}}}}, "created": "2026-03-20T08:54:25.498705+00:00", "updated": "2026-03-20T10:43:53.095843+00:00", "vendors": ["admidio", "admidio$PRODUCT$admidio"]}