CVE-2026-36723
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem. This enables unauthorized access to sensitive files, the overwriting of critical application files, and remote code execution (RCE).
| Vendor | n/a |
| Product | n/a |
| Published | Jun 9, 2026 |
| Last Updated | Jun 9, 2026 |
Stay Ahead of the Next One
Get instant alerts for n/a n/a
Be the first to know when new unknown vulnerabilities affecting n/a n/a are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / n/a
n/a