EIP-2026-106508

PRE-CVE

Dokeos Lms 1.8.5 - 'Include' Remote Code Execution

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106508. PoCs published by StAkeR.

AI-analyzed exploit summary This exploit targets a Local File Inclusion (LFI) vulnerability in Dokeos LMS <= 1.8.5, allowing an attacker to upload a malicious HTML file via the FCKeditor upload functionality and then include it to achieve Remote Code Execution (RCE). The exploit uses a combination of file upload and path traversal techniques to bypass input sanitization.

Description

Dokeos Lms 1.8.5 - 'Include' Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED
by StAkeR · perlwebappsphp
https://www.exploit-db.com/exploits/8513

This exploit targets a Local File Inclusion (LFI) vulnerability in Dokeos LMS <= 1.8.5, allowing an attacker to upload a malicious HTML file via the FCKeditor upload functionality and then include it to achieve Remote Code Execution (RCE). The exploit uses a combination of file upload and path traversal techniques to bypass input sanitization.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Dokeos LMS <= 1.8.5
Auth required
Prerequisites: Valid credentials for Dokeos LMS · FCKeditor upload functionality enabled · Windows-based target system (due to path traversal using backslashes)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026