What is GHSA-vpw9-2j5c-m746?

GHSA-vpw9-2j5c-m746 is a security advisory published by GitHub Security Advisories with High severity. An arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of...

Which CVE IDs does GHSA-vpw9-2j5c-m746 cover?

GHSA-vpw9-2j5c-m746 covers the following CVE IDs: CVE-2026-30761. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-vpw9-2j5c-m746?

GHSA-vpw9-2j5c-m746 has a CVSS v3 base score of 7.3, published by GitHub Security Advisories.

GHSA-vpw9-2j5c-m746HighCVSS 7.3

An arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of...

Vendor

GitHub Security Advisories

Published

May 28, 2026

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2026-30761 →

📋 Description

An arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of SourceBans Material Admin v1.1.6 allows attackers to execute arbitrary code via uploading a crafted image file.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2026-30761
https://github.com/SB-MaterialAdmin/Web/issues/374
https://gist.github.com/ng-dst/254163056c2d8a2f55259dcb79531b31
https://gist.github.com/ng-dst/ca6663a4107fd39eaba1be2cb1d52b51
https://github.com/SB-MaterialAdmin/Web
https://github.com/advisories/GHSA-vpw9-2j5c-m746