EIP-2026-106007

PRE-CVE

CMScontrol 7.x - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106007. PoCs published by Cyber_945.

AI-analyzed exploit summary This entry describes a file upload vulnerability in CMScontrol 7.x, providing a specific exploit path but lacking executable code or detailed technical steps. It appears to be a writeup rather than a functional PoC.

Description

CMScontrol 7.x - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP

by Cyber_945 · textwebappsphp

https://www.exploit-db.com/exploits/11104

View Code ZIP pw:eip

This entry describes a file upload vulnerability in CMScontrol 7.x, providing a specific exploit path but lacking executable code or detailed technical steps. It appears to be a writeup rather than a functional PoC.

Classification

Writeup 80%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: CMScontrol 7.x

Auth required

Prerequisites: Access to admin panel · Valid session or authentication bypass

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026