CVE-2026-2184CRITICAL 9.8EPSS p95.0%

CVE-2026-2184CVE-2026-2184

Description

A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be executed remotely. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The code repository of the project has not been active for many years.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS9.90% probability of exploitation · percentile 95.0% · 2026-06-19T12:03:05Z
Published2026-02-08
Last modified2026-02-24

Underlying weaknesses· 2

CWE-77CWE-78

References

  1. https://github.com/lakshayyverma/CVE-Discovery/blob/main/Certificate2.md
  2. https://vuldb.com/?ctiid.344887
  3. https://vuldb.com/?id.344887
  4. https://vuldb.com/?submit.749714

2

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements used in a Command ('Command Injection')cwe-770%live
WeaknessImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')cwe-780%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-2183
CVE
CVE-2025-7152
CVE
CVE-2025-7151
CVE
CVE-2026-2195
CVE
CVE-2026-2172
CVE
CVE-2025-7185
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.