CVE-2026-2226 - Vulnerability Details

- DouPHP ZIP File file.php unrestricted upload

Description

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sql_filename leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Published: 2026-02-09

Score: 5.1 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

This vulnerability resides in the ZIP File Handler component of DouPHP through the admin/file.php endpoint. Manipulation of the sql_filename parameter allows an attacker to upload any file without restriction. Because the uploaded file can contain executable code, an attacker can potentially run arbitrary code on the host. This flaw is classified as an untrusted content upload and improper access control.

Affected Systems

The issue affects all installations of DouPHP up to and including version 1.9. No later versions are presently known to contain the fix. Administrators using the bundled admin/file.php page are therefore at risk unless they upgrade beyond 1.9 or take mitigations.

Risk and Exploitability

The CVSS score of 5.1 indicates moderate severity, while the EPSS score shows a very low but nonzero likelihood of exploitation. The vulnerability is not currently listed in CISA’s KEV catalog. Attackers can exploit the flaw remotely, so any machine with visible /admin/file.php and a writable upload directory is a potential target. Because no known exploit code is publicly available, the chance of immediate exploitation is low, but the potential impact of remote code execution warrants timely remediation.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

DouPHP

affected

Version	Status	Constraints
`1.0`	affected	—
`1.1`	affected	—
`1.2`	affected	—
`1.3`	affected	—
`1.4`	affected	—
`1.5`	affected	—
`1.6`	affected	—
`1.7`	affected	—
`1.8`	affected	—
`1.9`	affected	—

Configuration 1 [-]

cpe:2.3:a:douco:douphp:*:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Douphp

—

Version	Status	Scheme	Platform
`1.0`	affected	generic	—
`1.1`	affected	generic	—
`1.2`	affected	generic	—
`1.3`	affected	generic	—
`1.4`	affected	generic	—
`1.5`	affected	generic	—
`1.6`	affected	generic	—
`1.7`	affected	generic	—
`1.8`	affected	generic	—
`1.9`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to a DouPHP version newer than 1.9 or apply the vendor’s patch for admin/file.php
If an upgrade is not feasible, disable or protect the /admin/file.php endpoint with proper authentication and authorization checks so only trusted users can access it
Add file type validation and ban dangerous extensions (such as .php or .phtml) in the upload handler, and store uploads outside the web root

Generated by OpenCVE AI on April 17, 2026 at 21:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00021.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/pengchengwangli/MyCVE/issues/2
https://vuldb.com/?ctiid.344943
https://vuldb.com/?id.344943
https://vuldb.com/?submit.753441

History

Fri, 27 Feb 2026 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Douco Douco douphp
CPEs		cpe:2.3:a:douco:douphp::::::::
Vendors & Products		Douco Douco douphp

Mon, 23 Feb 2026 10:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:douphp:douphp::::::::

Tue, 10 Feb 2026 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Douphp Douphp douphp
Vendors & Products		Douphp Douphp douphp

Mon, 09 Feb 2026 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 09 Feb 2026 09:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sql_filename leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Title		DouPHP ZIP File file.php unrestricted upload
Weaknesses		CWE-284 CWE-434
References		https://github.com/pengchengwangli/MyCVE/issues/2 https://vuldb.com/?ctiid.344943 https://vuldb.com/?id.344943 https://vuldb.com/?submit.753441
Metrics		cvssV2_0 `{'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Douco Douphp

Douphp Douphp

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-02-09T09:32:07.108Z

Updated: 2026-02-23T09:59:32.354Z

Reserved: 2026-02-08T16:09:56.196Z

Link: CVE-2026-2226

Vulnrichment

Updated: 2026-02-09T13:55:53.212Z

NVD

Status : Analyzed

Published: 2026-02-09T10:15:57.683

Modified: 2026-02-27T18:10:01.627

Link: CVE-2026-2226

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T21:30:28Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object