EIP-2026-106564

PRE-CVE

Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution

Title source: legacy

Description

Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution

Exploits (1)

exploitdb WORKING POC
by LiquidWorm · htmlwebappsphp
https://www.exploit-db.com/exploits/38446

Details

Status pre_cve
Tracked Since Feb 18, 2026