CVE-2026-5576

MEDIUM NVD

CVSS Score 4.7

Severity MEDIUM

Published Apr 05, 2026

Vendor unknown

Description

A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file save_emp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used.

References

https://github.com/whatyourname12345/CVE/blob/main/PRMS/cve_Arbitrary%20File%20Upload%20to%20RCE.md
https://vuldb.com/submit/783473
https://vuldb.com/vuln/355346
https://vuldb.com/vuln/355346/cti