CVE-2026-49133
Status: Received (Intake)
Path Traversal in Typemill CMS Prior to 2.24.0

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: VulnCheck

Description
Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary files outside the content directory by supplying traversal sequences in the path query parameter passed to Storage::getFile() with an empty folder argument. Attackers can bypass traversal-prevention controls in Storage::getFolderPath() to access sensitive files.
Meta Information
Published: 2026-06-17
Last Modified: 2026-06-17
Generated: 2026-06-18
AI Q&A: 2026-06-18
EPSS Evaluated: N/A
Affected Vendors & Products (1 associated CPE)
Vendor: typemill
Product: typemill
Version / Range: all versions before 2.24.0 (2.24.0 excluded)
CWE
CWE-22: The product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause it to resolve to a location outside of the restricted directory.
Executive Summary

Typemill before version 2.24.0 has a path traversal vulnerability: an authenticated user with Author-level privileges can place traversal sequences in the path query parameter and read files outside the intended content directory. The traversal sequences bypass the normal checks in Storage::getFolderPath(), giving access to sensitive files that should be protected.

Impact Analysis

This vulnerability can allow an attacker with Author-level access to read arbitrary files on the server outside the content directory. This could lead to exposure of sensitive information stored on the server, potentially including configuration files, credentials, or other private data. Such unauthorized access can compromise the security and privacy of the system and its data.
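The defect described above is a containment check that can be sidestepped when the folder argument is empty and the traversal sequence lives in the path argument. The following PHP is an added illustration of how a file reader can be confined to a base directory; it is not Typemill's code, and the function names resolveWithinBase() and getFileSafe() are hypothetical. It canonicalizes the combined path with realpath() and then requires the result to be the base directory itself or to start with the base directory plus a separator, so an empty folder argument is handled exactly like a non-empty one. The demo files it creates under the system temp directory are constructed for the example.

```php
<?php
declare(strict_types=1);

// Added example, not Typemill code. Resolves $folder/$path inside $base and
// returns the canonical path, or null if the result would escape $base.
function resolveWithinBase(string $base, string $folder, string $path): ?string
{
    // realpath() rejects embedded null bytes with a ValueError on PHP 8; fail closed instead.
    if (str_contains($folder . $path, "\0")) {
        return null;
    }
    $baseReal = realpath($base);
    if ($baseReal === false) {
        return null;
    }
    // An empty folder simply means "the base itself"; it is not a special case
    // that skips the containment check below.
    $parts = array_filter([$folder, $path], fn(string $p): bool => $p !== '');
    $candidate = $baseReal . DIRECTORY_SEPARATOR . implode(DIRECTORY_SEPARATOR, $parts);

    // Canonicalize: collapses "..", ".", duplicate separators and resolves symlinks.
    $candidateReal = realpath($candidate);
    if ($candidateReal === false) {
        return null; // does not exist or cannot be resolved
    }
    // Containment check on the *canonical* path, not on the raw user input.
    $prefix = rtrim($baseReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($candidateReal !== $baseReal && !str_starts_with($candidateReal, $prefix)) {
        return null;
    }
    return $candidateReal;
}

// Hypothetical replacement for a getFile()-style helper: read only regular
// files that resolve inside the content directory.
function getFileSafe(string $base, string $folder, string $path): ?string
{
    $resolved = resolveWithinBase($base, $folder, $path);
    if ($resolved === null || !is_file($resolved)) {
        return null;
    }
    $data = file_get_contents($resolved);
    return $data === false ? null : $data;
}

// Constructed demo layout: a content directory plus a file outside it.
$root = sys_get_temp_dir() . '/traversal-demo-' . bin2hex(random_bytes(4));
mkdir($root . '/content/posts', 0700, true);
file_put_contents($root . '/content/posts/hello.md', "# hello\n");
file_put_contents($root . '/secret.txt', "outside the content directory\n");
$content = $root . '/content';

// Legitimate reads succeed, with and without a folder argument.
var_dump(getFileSafe($content, 'posts', 'hello.md') !== null);
var_dump(getFileSafe($content, '', 'posts/hello.md') !== null);

// Traversal attempts resolve outside $content and are rejected, including the
// empty-folder form the advisory describes.
var_dump(getFileSafe($content, '', '../secret.txt'));
var_dump(getFileSafe($content, 'posts', '../../secret.txt'));
var_dump(getFileSafe($content, '', '/etc/hostname'));
```

The key design point is that the check runs on the output of realpath(), so it does not matter which argument carries the traversal sequence or whether the folder is empty; anything that does not canonicalize to a location under the base is refused. A practitioner reviewing a similar fix should also confirm that the comparison includes the trailing separator, otherwise a sibling directory whose name shares the base's prefix (for example content-backup next to content) would pass the check.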
