Summary Path Traversal to Arbitrary File Deletion in the Edit Comment admin function. An authenticated administrator can delete arbitrary files within the application root (e.g., config.php) by injecting a crafted attac…
| CVE ID | CVE-2026-54065 |
| Vendor | composer |
| Affected Product | nukeviet/nukeviet |
| Vulnerability Type | Vulnerability |
| CVSS Score | 8.7 (HIGH) |
| Actively Exploited | ❌ No known exploitation |
| Patch Status | See Vendor Advisory → |
| Reported By | CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories) |
#
config.php) by injecting a crafted attach parameter, rendering the application inoperable.modules/comment/admin/edit.phpattach parameter received via HTTP POST was not validated before being processed: ``php// Vulnerable code (before fix) $attach = $nv_Request->get_string('attach', 'post', '', true); if (!empty($attach)) { $attach = substr($attach, strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/')); } ` substr() strips the first N characters (equal to the length of the upload URL prefix, e.g. 26 chars for /nu
Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.