CVE-2026-1111

4.7 MEDIUM

📋 TL;DR

This CVE describes a path traversal vulnerability in Sanluan PublicCMS that allows attackers to write files to arbitrary locations on the server. The vulnerability affects PublicCMS installations up to version 5.202506.d and can be exploited remotely via the Task Template Management Handler component.

💻 Affected Systems

Products:
  • Sanluan PublicCMS
Versions: Up to and including 5.202506.d
Operating Systems: All platforms running PublicCMS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the Task Template Management Handler component specifically.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case: Unauthorized file writes allowing web shell deployment, configuration modification, or data manipulation.

🟢 If Mitigated: Limited impact if proper file system permissions and input validation are in place.

🌐 Internet-Facing: HIGH - Attack can be launched remotely without authentication.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this to escalate privileges or move laterally.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit disclosed on GitHub, requires admin access to Task Template Management Handler.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available. Upgrade to a version later than 5.202506.d once the vendor releases one.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Implement strict input validation on the 'path' parameter to prevent directory traversal sequences.

Add the validation in com/publiccms/controller/admin/sys/TaskTemplateAdminController.java so that paths containing '../' or absolute paths are rejected.
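An added example of the containment check this workaround calls for, written for this page and not taken from PublicCMS: rather than string-matching '../', the user-supplied path is resolved against the template root and rejected if it lands outside it. The class name, method name and template root location are assumptions.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

/** Hypothetical helper; not part of the PublicCMS code base. */
public final class SafeTemplatePath {
    private SafeTemplatePath() {}

    /**
     * Resolves a user-supplied relative path against the template root and
     * returns the normalized absolute path. Throws if the input is empty,
     * contains a NUL byte, is absolute, or escapes the root once '..'
     * segments are collapsed.
     */
    public static Path resolveWithinRoot(Path root, String userPath) {
        if (userPath == null || userPath.isEmpty()) {
            throw new IllegalArgumentException("empty path");
        }
        // A NUL byte can truncate the name in lower layers; never pass it on.
        if (userPath.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("NUL byte in path");
        }
        Path rootAbs = root.toAbsolutePath().normalize();
        Path candidate = Paths.get(userPath); // InvalidPathException is an IllegalArgumentException
        if (candidate.isAbsolute()) {
            throw new IllegalArgumentException("absolute path not allowed");
        }
        // normalize() collapses "a/../b" and "../.." so the containment test
        // below sees the real target, not the string the client sent.
        Path resolved = rootAbs.resolve(candidate).normalize();
        if (!resolved.startsWith(rootAbs)) {
            throw new IllegalArgumentException("path escapes template root");
        }
        return resolved;
    }

    public static void main(String[] args) {
        Path root = Paths.get("/var/www/publiccms/template"); // assumed location
        String[] inputs = {
            "site/index.html",       // accepted
            "a/../b.html",           // accepted: normalizes to template/b.html
            "../../malicious.php",   // rejected: escapes the root
            "/etc/passwd"            // rejected: absolute
        };
        for (String in : inputs) {
            try {
                System.out.println(in + " -> OK " + resolveWithinRoot(root, in));
            } catch (IllegalArgumentException e) {
                System.out.println(in + " -> REJECTED (" + e.getMessage() + ")");
            }
        }
    }
}
```

normalize() does not follow symbolic links; if the template root may contain symlinks, compare the results of toRealPath() instead so a link inside the root cannot point outside it.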

File System Permissions

Platform: linux

Restrict write permissions to only necessary directories for the web application user.

chown -R root:www-data /var/www/publiccms/   # tree owned by root: the application user gets read/execute only
chmod -R u=rwX,go=rX /var/www/publiccms/
chown -R www-data:www-data /var/www/publiccms/<writable-dir>   # <writable-dir> is a placeholder for the directories PublicCMS must write to

🧯 If You Can't Patch

  • Disable or restrict access to the Task Template Management Handler component
  • Implement web application firewall (WAF) rules to block path traversal patterns

🔍 How to Verify

Check if Vulnerable:

Check the PublicCMS version in the admin panel or configuration files. If the version is 5.202506.d or earlier, the system is vulnerable.

Check Version:

Check WEB-INF/classes/version.properties or the admin dashboard for version information.

Verify Fix Applied:

Test the Save function with path traversal payloads (e.g., '../../malicious.php') to confirm they are rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file write operations in web server logs
  • Requests to TaskTemplateAdminController with path parameters containing '../'

Network Indicators:

  • HTTP POST requests to /admin/sys/taskTemplate/save with suspicious path parameters

SIEM Query:

source="web_logs" AND uri="/admin/sys/taskTemplate/save" AND (path="*../*" OR path="*..\\*" OR path="*/../*")
