CVE-2012-10042
published 2025-08-08


Priority: P2 (64)
Severity: high (CVSS 4.0 base score 8.7)
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
(threat, environmental and supplemental metrics not defined: E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EXPLOIT
EPSS: 0.91% (55.3rd percentile)
Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog management interface. The application ships with default credentials (admin:secret) and allows authenticated users to upload files via manage.php. The upload mechanism fails to validate file types, enabling attackers to upload a PHP backdoor into a web-accessible directory (blogs/download/uploads/). Once uploaded, the file can be executed remotely, resulting in full remote code execution.

Affected

1 range

Vendor: sflog!
Product: sflog!_cms
Version range: (not specified)
Fixed in: (not specified)

Detection & IOCs (extracted from sources)

path: blogs/download/uploads/
path: manage.php
  • Monitor for file upload requests to manage.php followed by HTTP GET/POST requests to blogs/download/uploads/ — this sequence indicates exploitation of the arbitrary file upload vulnerability.
  • Alert on authentication attempts or successful logins using the default credential pair admin:secret against Sflog! CMS instances.
  • Detect PHP file creation or execution within the blogs/download/uploads/ directory, which is web-accessible and should not contain executable scripts.
  • Exploitation requires valid authentication; however, the default credentials (admin:secret) ship with the product, making unauthenticated-equivalent access trivial unless the credentials are changed.
  • The vulnerability is specific to Sflog! CMS version 1.0; detections and mitigations should be scoped to this version.