CVE-2012-10052
published 2025-08-08


Priority: P2 · 72 · Severity: critical · CVSS 4.0 base score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.39% (68.9th percentile)
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory. This results in full remote code execution under the web server context.

Affected (1 range)

Vendor    Product    Version range    Fixed in
egallery  egallery   -                -

Detection & IOCs (extracted from sources)

path: uploadify.php
path: egallery/
  • Monitor for unauthenticated HTTP POST requests targeting the uploadify.php script in EGallery installations, particularly those uploading PHP files.
  • Alert on PHP files appearing in the web-accessible egallery/ directory, as legitimate uploads should not include executable PHP scripts.
  • Detect HTTP GET/POST requests to PHP files within the egallery/ directory that were not present prior to a POST to uploadify.php, indicating webshell execution.
  • Exploitation requires the egallery/ directory to be web-accessible and writable by the web server process; deployments with restricted directory permissions or non-standard install paths may not be directly exploitable via this path.
  • The vulnerability is specific to EGallery version 1.2; other versions may not be affected.
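As an added illustration of the detection bullets above (not code from this page or from the EGallery project), a Python script that replays constructed web-server access-log lines, flags POSTs to uploadify.php, and alerts on PHP scripts under egallery/ that were never requested before the upload; the log lines, addresses and file names are constructed, and the extension list is an assumption to adapt to the server's PHP handler mapping.

```python
import os
import re

# Constructed Apache combined-format lines (not real traffic): a baseline GET, the upload
# POST, a request to a PHP file that was never seen before it, and an unrelated visitor.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Aug/2025:10:01:02 +0000] "GET /egallery/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Aug/2025:10:01:09 +0000] "POST /egallery/uploadify.php HTTP/1.1" 200 31 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Aug/2025:10:01:15 +0000] "GET /egallery/cmd.php?c=id HTTP/1.1" 200 87 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Aug/2025:10:02:00 +0000] "GET /egallery/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')
# Extensions the server may hand to the PHP interpreter (assumption: adjust to your handler map).
PHP_EXTS = {"php", "phtml", "php5", "phar"}

def is_php_name(name):
    """True if the name carries an extension from PHP_EXTS (case-insensitive)."""
    return "." in name and name.rsplit(".", 1)[-1].lower() in PHP_EXTS

def parse(line):
    """Parse one access-log line into a dict; the query string is dropped from the path."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = rec["path"].split("?", 1)[0].lower()
    return rec

def detect(lines):
    """Return (ip, alert_kind, path) tuples for the two log-based signals in the advisory."""
    alerts, baseline, upload_seen = [], set(), False
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, method, path = rec["ip"], rec["method"], rec["path"]
        if method == "POST" and path.endswith("/uploadify.php"):
            alerts.append((ip, "upload_post", path))      # any POST to the uploader is worth a look
            upload_seen = True
        elif "/egallery/" in path and is_php_name(path):
            if upload_seen and path not in baseline:
                alerts.append((ip, "new_php_after_upload", path))  # PHP path first seen after an upload
            baseline.add(path)                             # PHP paths seen earlier form the baseline
    return alerts

def php_files_under(directory):
    """On-host check for the second bullet: list PHP-executable files below the gallery directory."""
    return sorted(os.path.join(r, n) for r, _, fs in os.walk(directory) for n in fs if is_php_name(n))
```

Feeding the real access log to `detect()` and running `php_files_under("egallery/")` from cron gives both the traffic-side and the disk-side signal; a pre-upload request to the same PHP path suppresses the second alert, so seed the baseline from logs older than the suspected compromise.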