CVE-2012-1125
published 2012-10-08


Priority: P2 (58), severity medium, CVSS 2.0 base score 6.8
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploit: available
EPSS: 11.57% (95.5th percentile)
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter.

Affected (3 ranges)

Vendor           Product                      Version range   Fixed in
kishore_asokan   kish_guest_posting_plugin    <= 1.1
kishore_asokan   kish_guest_posting_plugin
kishore_asokan   kish_guest_posting_plugin

Detection & IOCs (extracted from sources)

path: uploadify/scripts/uploadify.php
  • The attacker uploads a file with a double extension to bypass the upload restrictions, then accesses it via a direct request to the uploaded file path.
  • The exploit uses the multipart boundary string '--o0oOo0o', which can be used as a network signature for this specific exploit tool.
  • This CVE (CVE-2012-1125) was only incompletely fixed; the double-extension bypass (CVE-2012-5318) persisted in version 1.2, so patching to 1.2 alone is insufficient.