Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.2
PHP File Inclusion Vulnerability in Personnel Property Equipment System
CVE-2026-26699
Summary
A critical flaw exists in the Personnel Property Equipment System, allowing attackers to execute unauthorized code. This could lead to data theft, system compromise, or other malicious activities. Update the affected software to the latest version or apply patches to prevent exploitation.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| jon-remus-sevellejo | personnel_property_equipment_system | 1.0 | – |
Original title
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/admin_change_picture.php.
Original description
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/admin_change_picture.php.
nvd CVSS3.1
7.2
Vulnerability type
CWE-94
Code Injection
- https://github.com/Thirtypenny77/bug_report/blob/main/sourcecodester/personel-pr... Exploit Third Party Advisory
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026