EIP-2026-106398

PRE-CVE

DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106398. PoCs published by Wolves Security Team.

AI-analyzed exploit summary: This exploit leverages an authentication bypass vulnerability in DeDeCMS by manipulating session variables and file upload functionality to achieve unauthorized access. The PoC demonstrates how an attacker can upload a malicious file (e.g., shell.asp) by bypassing authentication checks via the '_SESSION[dede_admin_id]' parameter.

Description

DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Authentication Bypass

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Wolves Security Team · html · webapps · php
https://www.exploit-db.com/exploits/33685

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: DeDeCMS GBK 5.5
No auth needed
Prerequisites: session.auto_start = 1 · access to the file upload endpoint
devstral-2 · analyzed Feb 18, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026