CVE-2012-1125 - Vulnerability Details - OpenCVE

Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.37883.

Key SSVC decision points have not yet been added.

Vendors	Products
Kishore Asokan Subscribe	Kish Guest Posting Plugin Subscribe
Wordpress Subscribe	Wordpress Subscribe

Configuration 1 [-]

AND

OR	cpe:2.3:a:kishore_asokan:kish_guest_posting_plugin::::::::
	cpe:2.3:a:kishore_asokan:kish_guest_posting_plugin:1.0:::::::*

cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2012-01/0145.html
http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt
http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php
http://secunia.com/advisories/47688
http://www.exploit-db.com/exploits/18412
http://www.openwall.com/lists/oss-security/2012/03/06/11
http://www.openwall.com/lists/oss-security/2012/03/06/3
http://www.openwall.com/lists/oss-security/2012/03/08/1
http://www.osvdb.org/78479
http://www.securityfocus.com/bid/51638
https://exchange.xforce.ibmcloud.com/vulnerabilities/79563

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-10-08T17:00:00

Updated: 2024-08-06T18:45:27.520Z

Reserved: 2012-02-14T00:00:00

Link: CVE-2012-1125

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-10-08T17:55:00.857

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-1125

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-01-23T00:00:00", "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "47688", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47688"}, {"name": "[oss-security] 20120308 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/03/08/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php"}, {"name": "[oss-security] 20120306 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/11"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt"}, {"name": "wp-kishguest-uploadify-file-upload(79563)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79563"}, {"name": "[oss-security] 20120306 CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/3"}, {"name": "51638", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/51638"}, {"name": "20120123 Wordpress Kish Guest Posting Plugin 1.0 (uploadify.php) Unrestricted File Upload Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0145.html"}, {"name": "18412", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/18412"}, {"name": "78479", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/78479"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-1125", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "47688", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47688"}, {"name": "[oss-security] 20120308 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/03/08/1"}, {"name": "http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php", "refsource": "CONFIRM", "url": "http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php"}, {"name": "[oss-security] 20120306 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/11"}, {"name": "http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt", "refsource": "CONFIRM", "url": "http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt"}, {"name": "wp-kishguest-uploadify-file-upload(79563)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79563"}, {"name": "[oss-security] 20120306 CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/3"}, {"name": "51638", "refsource": "BID", "url": "http://www.securityfocus.com/bid/51638"}, {"name": "20120123 Wordpress Kish Guest Posting Plugin 1.0 (uploadify.php) Unrestricted File Upload Vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0145.html"}, {"name": "18412", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/18412"}, {"name": "78479", "refsource": "OSVDB", "url": "http://www.osvdb.org/78479"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:45:27.520Z"}, "title": "CVE Program Container", "references": [{"name": "47688", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47688"}, {"name": "[oss-security] 20120308 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/03/08/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php"}, {"name": "[oss-security] 20120306 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/11"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt"}, {"name": "wp-kishguest-uploadify-file-upload(79563)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79563"}, {"name": "[oss-security] 20120306 CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/3"}, {"name": "51638", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/51638"}, {"name": "20120123 Wordpress Kish Guest Posting Plugin 1.0 (uploadify.php) Unrestricted File Upload Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0145.html"}, {"name": "18412", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/18412"}, {"name": "78479", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/78479"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1125", "datePublished": "2012-10-08T17:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.520Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kishore_asokan:kish_guest_posting_plugin:*:*:*:*:*:*:*:*", "matchCriteriaId": "25A5784F-010B-4395-AD35-056820A7439C", "versionEndIncluding": "1.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:kishore_asokan:kish_guest_posting_plugin:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "024EC77B-E196-4165-B0FA-0F89E37DC51D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*", "matchCriteriaId": "A77EB0E7-7FA7-4232-97DF-7C7587D163F1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter."}, {"lang": "es", "value": "Vulnerabilidad de subida de archivos sin restricci\u00f3n en uploadify/scripts/uploadify.php en el plugin Kish Guest Posting anterior a v1.2 para WordPress, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n subiendo un archivo con una extensi\u00f3n PHP, despu\u00e9s accediendo al mismo a trav\u00e9s de una petici\u00f3n al fichero en el directorio especificado por el par\u00e1metro folder."}], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/434.html\r\n\r\n'CWE-434: Unrestricted Upload of File with Dangerous Type'", "id": "CVE-2012-1125", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-08T17:55:00.857", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0145.html"}, {"source": "secalert@redhat.com", "url": "http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt"}, {"source": "secalert@redhat.com", "url": "http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47688"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18412"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/11"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/3"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/08/1"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/78479"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/51638"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79563"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0145.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://plugins.svn.wordpress.org/kish-guest-posting/trunk/readme.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://plugins.trac.wordpress.org/changeset/403694/kish-guest-posting/trunk/uploadify/scripts/uploadify.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47688"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18412"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/08/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/78479"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/51638"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79563"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}