📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
About FAQ Contact Us Terms of Service Privacy Policy 🌐 العربية
🔐

Welcome — Sign in or create an account for full access.

🔑 Sign In ✨ Register
🌐 العربية Sign In Create Account
🔧 Scheduled Maintenance — Saturday 2:00-4:00 AM AST. Some features may be temporarily unavailable.    ●   
💎
Pro Plan 50% Off Unlock all AI features, unlimited reports, and priority support. Upgrade
Search Center
ESC to close
navigate open Ctrl+K search
CISO Consulting
Global vulnerability Higher Education CRITICAL 7h Global data_breach Government HIGH 8h Global supply_chain Software Development and Open Source Communities CRITICAL 8h Global malware Software Development CRITICAL 8h Global phishing Multiple Sectors HIGH 9h Global vulnerability Web Applications CRITICAL 9h Global apt Critical Infrastructure CRITICAL 9h Global ransomware Multiple sectors CRITICAL 10h Global supply_chain Software Development, IT Infrastructure, Technology CRITICAL 10h Global vulnerability,data_breach,general Technology, Industrial Control Systems, Telecommunications HIGH 11h Global vulnerability Higher Education CRITICAL 7h Global data_breach Government HIGH 8h Global supply_chain Software Development and Open Source Communities CRITICAL 8h Global malware Software Development CRITICAL 8h Global phishing Multiple Sectors HIGH 9h Global vulnerability Web Applications CRITICAL 9h Global apt Critical Infrastructure CRITICAL 9h Global ransomware Multiple sectors CRITICAL 10h Global supply_chain Software Development, IT Infrastructure, Technology CRITICAL 10h Global vulnerability,data_breach,general Technology, Industrial Control Systems, Telecommunications HIGH 11h Global vulnerability Higher Education CRITICAL 7h Global data_breach Government HIGH 8h Global supply_chain Software Development and Open Source Communities CRITICAL 8h Global malware Software Development CRITICAL 8h Global phishing Multiple Sectors HIGH 9h Global vulnerability Web Applications CRITICAL 9h Global apt Critical Infrastructure CRITICAL 9h Global ransomware Multiple sectors CRITICAL 10h Global supply_chain Software Development, IT Infrastructure, Technology CRITICAL 10h Global vulnerability,data_breach,general Technology, Industrial Control Systems, Telecommunications HIGH 11h
Vulnerabilities

CVE-2026-2113

High
A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component
CWE-20 — Weakness Type
Published: Feb 7, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3
7.3
🔗 NVD Official
📄 Description (English)

A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component WebUploader. The manipulation leads to deserialization. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

🤖 AI Executive Summary

CVE-2026-2113 is a high-severity deserialization vulnerability in yuan1994 tpadmin versions up to 1.3.12, affecting the WebUploader component's preview.php file. This vulnerability allows remote attackers to execute arbitrary code through malicious serialized objects. The exploit has been publicly disclosed, and the affected product is no longer maintained, creating significant risk for organizations still using legacy versions.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 5, 2026 14:09
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability poses significant risk to Saudi organizations using legacy tpadmin installations, particularly in: Government agencies and municipalities relying on older administrative systems; Small to medium-sized enterprises (SMEs) in financial services and e-commerce sectors using tpadmin for content management; Healthcare facilities with legacy administrative portals; Educational institutions managing student information systems. The lack of vendor support increases exposure time and remediation complexity for Saudi organizations.
🏢 Affected Saudi Sectors
Government Financial Services Healthcare Education E-commerce Telecommunications
⚖️ Saudi Risk Score (AI)
7.8
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:

1. Identify all systems running yuan1994 tpadmin versions up to 1.3.12 across your infrastructure

2. Isolate or restrict network access to affected systems, particularly the /public/static/admin/lib/webuploader/0.1.5/server/preview.php endpoint

3. Implement Web Application Firewall (WAF) rules to block requests to the vulnerable preview.php file



Patching Guidance:

1. Upgrade to tpadmin version 1.3.13 or later immediately

2. If upgrade is not immediately possible, apply vendor security patches if available

3. Test patches in non-production environments before deployment



Compensating Controls:

1. Disable WebUploader functionality if not required for business operations

2. Implement strict input validation and output encoding on all file upload endpoints

3. Deploy network segmentation to limit access to administrative interfaces

4. Enable comprehensive logging and monitoring of preview.php access



Detection Rules:

1. Monitor for POST/GET requests to /public/static/admin/lib/webuploader/0.1.5/server/preview.php

2. Alert on serialized PHP objects (strings starting with 'O:' or 'a:') in request parameters

3. Track unusual process execution from web server processes

4. Monitor for file creation in temporary directories following preview.php requests
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:

1. تحديد جميع الأنظمة التي تعمل بإصدارات yuan1994 tpadmin حتى 1.3.12 عبر البنية التحتية

2. عزل أو تقييد الوصول إلى الأنظمة المتأثرة، خاصة نقطة نهاية /public/static/admin/lib/webuploader/0.1.5/server/preview.php

3. تطبيق قواعد جدار حماية تطبيقات الويب (WAF) لحجب الطلبات إلى ملف preview.php الضعيف



إرشادات التصحيح:

1. الترقية إلى إصدار tpadmin 1.3.13 أو أحدث فوراً

2. إذا لم يكن الترقية ممكنة على الفور، طبق تصحيحات الأمان من المورد إن توفرت

3. اختبر التصحيحات في بيئات غير الإنتاج قبل النشر



الضوابط البديلة:

1. تعطيل وظيفة WebUploader إذا لم تكن مطلوبة للعمليات التجارية

2. تطبيق التحقق الصارم من المدخلات والترميز على جميع نقاط نهاية تحميل الملفات

3. نشر تقسيم الشبكة لتحديد الوصول إلى الواجهات الإدارية

4. تفعيل السجلات الشاملة ومراقبة الوصول إلى preview.php



قواعد الكشف:

1. مراقبة طلبات POST/GET إلى /public/static/admin/lib/webuploader/0.1.5/server/preview.php

2. التنبيه على كائنات PHP المسلسلة (السلاسل التي تبدأ بـ 'O:' أو 'a:') في معاملات الطلب

3. تتبع تنفيذ العمليات غير المعتادة من عمليات خادم الويب

4. مراقبة إنشاء الملفات في الدلائل المؤقتة بعد طلبات preview.php
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy A.12.2.1 - Monitoring of system use
🔵 SAMA CSF
ID.RA-1 - Asset management and vulnerability identification PR.IP-12 - Software, firmware, and information integrity mechanisms DE.CM-8 - Vulnerability scans
🟡 ISO 27001:2022
A.12.6.1 - Management of technical vulnerabilities A.14.2.5 - Secure development environment A.12.2.1 - Monitoring of system use
🟣 PCI DSS v4.0.1
6.2 - Ensure security patches are installed 6.5.1 - Injection flaws prevention 11.2 - Vulnerability scanning
📊 CVSS Score
7.3
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack VectorN — None / Network
Attack ComplexityL — Low / Local
Privileges RequiredN — None / Network
User InteractionN — None / Network
ScopeU — Unchanged
ConfidentialityL — Low / Local
IntegrityL — Low / Local
AvailabilityL — Low / Local
📋 Quick Facts
Severity High
CVSS Score7.3
CWECWE-20
EPSS0.01%
Exploit No
Patch ✓ Yes
Published 2026-02-07
Source Feed nvd
Views 5
🇸🇦 Saudi Risk Score
7.8
/ 10.0 — Saudi Risk
Priority: HIGH
🏷️ Tags
CWE-20
⚡ Actions
🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details
Share this CVE
LinkedIn X / Twitter WhatsApp Telegram

💬 Comments

0
Loading comments
📣 Found this valuable?
Share it with your cybersecurity network
in LinkedIn 𝕏 X / Twitter 💬 WhatsApp ✈ Telegram
🍪 Privacy Preferences
CISO Consulting — Compliant with Saudi Personal Data Protection Law (PDPL)
We use cookies and similar technologies to provide the best experience on our platform. You can choose which types you accept.
🔒
Essential Always On
Required for the website to function properly. Cannot be disabled.
📋 Sessions, CSRF tokens, authentication, language preferences
📊
Analytics
Help us understand how visitors use the site and improve performance.
📋 Page views, session duration, traffic sources, performance metrics
⚙️
Functional
Enable enhanced features like content personalization and preferences.
📋 Dark/light theme, font size, custom dashboards, saved filters
📣
Marketing
Used to deliver content and ads relevant to your interests.
📋 Campaign tracking, retargeting, social media analytics
Privacy Policy →
CISO AI Assistant
Ask anything · Documents · Support
🔐

Introduce Yourself

Enter your details to access the full assistant

Your info is private and never shared
💬
CyberAssist
Online · responds in seconds
5 / 5
🔐 Verify Your Identity

Enter your email to receive a verification code before submitting a support request.

Enter to send · / for commands 0 / 2000
CISO AI · Powered by Anthropic Claude
✦ Quick Survey Help Us Improve CISO Consulting Your feedback shapes the future of our platform — takes less than 2 minutes.
⚠ Please answer this question to continue

How would you rate your overall experience with our platform?

Rate from 1 (poor) to 5 (excellent)

🎉
Thank you!
Your response has been recorded.