CVE-2026-30403

high

Description

There is an arbitrary file read vulnerability in the test connection function of backend database management in wgcloud v3.6.3 and before, which can be used to read any file on the victim's server.

References

https://github.com/tianshiyeben/wgcloud/issues/97

https://github.com/TTTlw1024/qwe/issues/2

Details

Source: Mitre, NVD

Published: 2026-03-19

Updated: 2026-04-02

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N