CVE-2026-1107
Unrestricted File Upload in EyouCMS Member Avatar Handler

Publication date: 2026-01-18

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in EyouCMS up to 1.7.1/5.0. The affected code is the function check_userinfo in the file Diyajax.php of the Member Avatar Handler component. Manipulating the argument viewfile can lead to an unrestricted file upload. The attack can be performed remotely. The exploit has been made public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published
2026-01-18
Last Modified
2026-04-29
Generated
2026-05-06
AI Q&A
2026-01-18
EPSS Evaluated
2026-05-05
Affected Vendors & Products
Showing 3 associated CPEs:

| Vendor | Product | Version / Range |
|---|---|---|
| eyoucms | eyoucms | 1.7.1 |
| eyoucms | eyoucms | 1.7.0 |
| eyoucms | eyoucms | 5.0 |
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-1107 is a vulnerability in EyouCMS versions up to 1.7.1 and 5.0, specifically in the check_userinfo function of the Diyajax.php file within the Member Avatar Handler component. It allows an attacker to manipulate the 'viewfile' argument to perform unrestricted file uploads, leading to arbitrary code execution on the server. This happens because of improper validation and sanitization of the input, enabling attackers to upload and execute malicious files remotely without authentication. [1, 2, 3]


How can this vulnerability impact me?

This vulnerability can lead to a full system compromise by allowing attackers to upload and execute malicious files on the affected server. This compromises the confidentiality, integrity, and availability of the system. Since the exploit can be performed remotely without authentication and a proof-of-concept is publicly available, it poses a significant security risk, potentially resulting in unauthorized access, data breaches, and service disruption. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of the vulnerable API endpoint Diyajax.php and specifically the check_userinfo function handling the viewfile argument. One method is to use Google dorking with queries like 'inurl:Diyajax.php' to identify potentially vulnerable targets. On your network or system, you can attempt to access the endpoint with crafted requests targeting the viewfile parameter to see if unrestricted file upload is possible. Specific commands are not provided, but using tools like curl or wget to send requests to the Diyajax.php endpoint with manipulated viewfile parameters could help detect exploitation attempts. [1]


What immediate steps should I take to mitigate this vulnerability?

No vendor response or official mitigation has been provided for this vulnerability. The recommended immediate step is to replace the affected product (EyouCMS versions up to 1.7.1 and 5.0) with an alternative solution. Since the vulnerability allows remote unrestricted file upload leading to code execution, it is critical to restrict access to the vulnerable endpoint, monitor for suspicious activity, and consider disabling or restricting the check_userinfo API if possible until a secure version or patch is available. [1]
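The detection and mitigation answers above both come down to watching traffic that reaches Diyajax.php with a viewfile argument. The following log scanner is an added example, not code from EyouCMS or from this record; it assumes combined-format web server access logs, matches Diyajax.php by file name because the install path varies, and uses constructed sample lines with placeholder values.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (not real traffic);
# the /user/ prefix and the viewfile value are placeholders.
SAMPLE_LOG = """\
203.0.113.5 - - [18/Jan/2026:10:01:02 +0000] "GET /index.php?m=user&c=Users&a=info HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Jan/2026:10:02:15 +0000] "POST /user/Diyajax.php?viewfile=example&action=check_userinfo HTTP/1.1" 200 88 "-" "curl/8.4.0"
198.51.100.7 - - [18/Jan/2026:10:03:44 +0000] "GET /static/logo.png HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
198.51.100.8 - - [18/Jan/2026:10:04:01 +0000] "GET /user/Diyajax.php?action=check_userinfo HTTP/1.1" 200 70 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [ts] "METHOD target proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = parse_qs(parts.query, keep_blank_values=True)
    return rec

def is_suspect(rec):
    """Flag requests to Diyajax.php that carry a viewfile parameter."""
    # Assumption: only the file name is stable across installs, so match on it.
    if not rec["path"].lower().endswith("diyajax.php"):
        return False
    return "viewfile" in rec["query"]

def find_suspicious_requests(log_text):
    """Return parsed records for every line that matches the CVE-2026-1107 pattern."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_suspect(rec):
            hits.append(rec)
    return hits

if __name__ == "__main__":
    for h in find_suspicious_requests(SAMPLE_LOG):
        print(h["ts"], h["ip"], h["method"], h["target"], h["ua"])
```

Access logs only record query-string parameters, so a viewfile value sent in a POST body will not appear here; pair this check with an access restriction on the endpoint at the web server or WAF layer.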

