CVE-2026-35164
HIGHBrave CMS Sffected by Unrestricted File Upload via CKEditor Endpoint
Title source: cnaDescription
Brave CMS is an open-source CMS. Prior to 2.0.6, an unrestricted file upload vulnerability exists in the CKEditor upload functionality. It is found in app/Http/Controllers/Dashboard/CkEditorController.php within the ckupload method. The method fails to validate uploaded file types and relies entirely on user input. This allows an authenticated user to upload executable PHP scripts and gain Remote Code Execution. This vulnerability is fixed in 2.0.6.
References (1)
Core 1
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/Ajax30/BraveCMS-2.0/security/advisories/GHSA-2j4q-6p52-4rhw
Scores
CVSS v3
8.8
EPSS
0.0071
EPSS Percentile
48.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-434
Status
published
Products (2)
ajax30/bravecms
2.0.0 - 2.0.6
Ajax30/BraveCMS-2.0
< 2.0.6
Published
Apr 06, 2026
Tracked Since
Apr 06, 2026