EIP-2026-110021

PRE-CVE

odlican.net CMS 1.5 - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110021. PoCs published by anonymous.

AI-analyzed exploit summary This is a writeup describing a remote file upload vulnerability in odlican.net CMS v1.5. The vulnerability allows arbitrary file uploads, including PHP scripts, due to missing file extension and size validation in the upload.php file.

Description

odlican.net CMS 1.5 - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP

by anonymous · textwebappsphp

https://www.exploit-db.com/exploits/11340

View Code ZIP pw:eip

This is a writeup describing a remote file upload vulnerability in odlican.net CMS v1.5. The vulnerability allows arbitrary file uploads, including PHP scripts, due to missing file extension and size validation in the upload.php file.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: odlican.net CMS v1.5

No auth needed

Prerequisites: Access to the upload functionality

MITRE ATT&CK

T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026