EIP-2026-113331

PRE-CVE

WEBMIS CMS - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113331. PoCs published by Jagriti Sahu.

AI-analyzed exploit summary This exploit demonstrates an arbitrary file upload vulnerability in WEBMIS CMS. The provided HTML form allows an attacker to upload arbitrary files to the server, potentially leading to remote code execution.

Description

WEBMIS CMS - Arbitrary File Upload

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jagriti Sahu · htmlwebappsphp

https://www.exploit-db.com/exploits/39255

View Code ZIP pw:eip

This exploit demonstrates an arbitrary file upload vulnerability in WEBMIS CMS. The provided HTML form allows an attacker to upload arbitrary files to the server, potentially leading to remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WEBMIS CMS (version not specified)

No auth needed

Prerequisites: Access to the vulnerable upload endpoint

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1204 - User Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026