EIP-2026-114592

This advisory details multiple vulnerabilities in ZeewaysCMS, including a directory traversal (LFI) via the 'targeturl' parameter and stored XSS in profile fields. It provides proof-of-concept URLs and payloads but lacks functional exploit code.