Home

Description

A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal.

PUBLISHED Reserved 2026-03-04 | Published 2026-04-27 | Updated 2026-04-27 | Assigner mitre

References

pentest-tools.com/...sitive-File-Read-via-Path-Traversal.pdf exploit

daylight.com

fuelcms.com

github.com/...aster/fuel/modules/fuel/controllers/Blocks.php

pentest-tools.com/...sitive-File-Read-via-Path-Traversal.pdf

cve.org (CVE-2026-30462)

nvd.nist.gov (CVE-2026-30462)

Download JSON