CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-32989

Precurio Intranet Portal 4.4 contains a cross-site request forgery vulnerability that allows attackers to induce authenticated users to submit crafted requests to a profile update endpoint handling file uploads. Attackers can exploit this to upload executable files to web-accessible locations, leading to arbitrary code execution in the context of the web server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.4%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.packetstorm.news/files/id/215644/
https://www.precurio.com

Products affected by CVE-2026-32989

Precurio » Intranet Portal » Version: 4.4

cpe:2.3:a:precurio:intranet_portal:4.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-32989

Products

Pricing

Contact Us