CVE Catalog
CVE-2026-30462
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.52%
40th percentile - higher than 40% of all known CVEs
Summary
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to perform directory traversal operations.
Risk Assessment
An attacker can gain unauthorized access to files outside the application's root directory, potentially leading to sensitive data leakage or further attack escalation.
Recommendation
Immediately update FuelCMS to the latest available version that fixes this vulnerability, and restrict access to the Blocks module to trusted users only.
Original NVD description (English source)
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal.

