CVE-2026-55744— Cotonti CSRF in PFS allows forced arbitrary file upload
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-55744
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cotonti CSRF in PFS allows forced arbitrary file upload
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.main.php, the file upload action ('a=upload') processes uploaded files without calling cot_check_xg() to validate the anti-CSRF token, even though sibling actions such as 'delete' (line 272) do. A remote attacker who lures an authenticated user into visiting a malicious page can force the browser to submit a forged multipart request that uploads arbitrary files into the victim's PFS storage.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨站请求伪造(CSRF)
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-55744
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-55744
请登录查看更多情报信息。
Vendor Pages for CVE-2026-55744 (1)
Other References for CVE-2026-55744 (1)
Same Patch Batch · Cotonti · 2026-06-18 · 5 CVEs total
| CVE-2026-55742 | 9.6 CRITICAL | Cotonti CSRF in admin.rights.php allows privilege escalation |
| CVE-2026-55741 | 8.8 HIGH | Cotonti CSRF in admin.config.php allows unauthorized configuration changes |
| CVE-2026-55746 | 7.6 HIGH | Cotonti stored XSS via PFS folder title |
| CVE-2026-55745 | 5.4 MEDIUM | Cotonti CSRF in PFS folder edit allows unauthorized folder modification |
IV. Related Vulnerabilities
Same weakness: CWE-352
- CVE-2026-57659
WordPress Paid Memberships Pro - Add Member From Admin plugi - CVE-2026-57657
WordPress Gmail SMTP plugin <= 1.2.3.19 - Cross Site Request - CVE-2026-57655
WordPress Child theme Wizard plugin <= 1.4 - Cross Site Requ - CVE-2026-57641
WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Request - CVE-2026-57637
WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.
V. Comments for CVE-2026-55744
No comments yet