EUVD-2026-19412
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Tags
Description
Brave CMS is an open-source CMS. Prior to 2.0.6, an unrestricted file upload vulnerability exists in the CKEditor upload functionality. It is found in app/Http/Controllers/Dashboard/CkEditorController.php within the ckupload method. The method fails to validate uploaded file types and relies entirely on user input. This allows an authenticated user to upload executable PHP scripts and gain Remote Code Execution. This vulnerability is fixed in 2.0.6.
Analysis
Remote code execution in Brave CMS versions prior to 2.0.6 allows authenticated users to upload and execute arbitrary PHP scripts through the CKEditor upload functionality. The vulnerability stems from unrestricted file upload in the ckupload method of CkEditorController.php, which fails to validate uploaded file types. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: audit all Brave CMS instances to identify versions prior to 2.0.6 and document current user authentication status. Within 7 days: implement file upload restrictions at the application level by disabling PHP execution in the CKEditor upload directory via web server configuration (.htaccess or nginx rules), and restrict upload functionality to administrative users only pending patch availability. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today