CVE-2026-9421 PUBLISHED

A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

• g111 (VulDB User) reporter
• VulDB Vulnerability Moderation Team coordinator

• VDB-365402 | KLiK SocialMediaWebsite File upload.inc.php uniqid unrestricted upload
• VDB-365402 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #813725 | SourceCodester SourceCodester KLiK Social Media Website v1.0.1 Unrestricted Upload

• Unrestricted Upload CWE
• Improper Access Controls CWE