EIP-2026-111684

PRE-CVE

RazorCMS 1.2.1 STABLE - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111684. PoCs published by i2sec_Hyo jun Oh.

AI-analyzed exploit summary This exploit describes an unauthenticated file upload vulnerability in RazorCMS <= 1.2.1, allowing attackers to upload malicious PHP files (webshells) to the server. The vulnerability stems from insufficient file extension validation, enabling remote code execution (RCE) via the uploaded file.

Description

RazorCMS 1.2.1 STABLE - Arbitrary File Upload

Exploits (1)

exploitdb WORKING POC

by i2sec_Hyo jun Oh · textwebappsphp

https://www.exploit-db.com/exploits/18574

View Code ZIP pw:eip

This exploit describes an unauthenticated file upload vulnerability in RazorCMS <= 1.2.1, allowing attackers to upload malicious PHP files (webshells) to the server. The vulnerability stems from insufficient file extension validation, enabling remote code execution (RCE) via the uploaded file.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: RazorCMS <= 1.2.1 STABLE

Auth required

Prerequisites: Access to user login credentials · Network access to the target

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026