CVE-2026-1107

MEDIUM

EyouCMS <1.7.1/5.0 - Unrestricted Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-1107. PoCs published by Iniivan13.

AI-analyzed exploit summary: This repository contains a Nuclei template for detecting CVE-2026-1107, a path traversal vulnerability in EyouCMS < 1.7.1. The template sends a crafted POST request to read the source code of 'index.php' via the 'viewfile' parameter, confirming the vulnerability if PHP tags are returned.

Description

A weakness has been identified in EyouCMS up to 1.7.1/5.0. Impacted is the function check_userinfo of the file Diyajax.php of the component Member Avatar Handler. Manipulating the argument viewfile can lead to unrestricted upload. The attack can be performed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

nomisec SCANNER
by Iniivan13 · poc
https://github.com/Iniivan13/CVE-2026-1107

Classification: Scanner 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: EyouCMS < 1.7.1
No auth needed
Prerequisites: Target must be running EyouCMS < 1.7.1 · The 'Diyajax.php' endpoint must be accessible
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3 6.3
EPSS 0.0048
EPSS Percentile 37.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE CWE-284, CWE-434
Status published
Products (3)
eyoucms/eyoucms 1.7.0
eyoucms/eyoucms 1.7.1
eyoucms/eyoucms 5.0
Published Jan 18, 2026
Tracked Since Feb 18, 2026