{"id":67709,"date":"2025-08-08T23:32:04","date_gmt":"2025-08-08T20:02:04","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2012-10052-egallery-arbitrary-file-upload-rce\/"},"modified":"2025-08-08T23:32:04","modified_gmt":"2025-08-08T20:02:04","slug":"cve-2012-10052-egallery-arbitrary-file-upload-rce","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2012-10052-egallery-arbitrary-file-upload-rce\/","title":{"rendered":"CVE-2012-10052 &#8211; EGallery Arbitrary File Upload RCE"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2012-10052<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 8, 2025, 7:15 p.m. | 15\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery\/ directory. This results in full remote code execution under the web server context.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 0.0 | NA<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2012-10052 Published : Aug. 8, 2025, 7:15 p.m. | 15\u00a0minutes ago Description : EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery\/ directory. This &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-67709","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/67709","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=67709"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/67709\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=67709"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=67709"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=67709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}