CVE-2013-10055

Published: Aug 1, 2025Modified: Aug 4, 2025

9.3

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: disclosure@vulncheck.com (Secondary)

Description

An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attackers to upload malicious PHP files via a crafted multipart/form-data POST request. Once uploaded, the attacker can access the file directly under havalite/tmp/files/, resulting in remote code execution.

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (5)

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/havalite_upload_exec.rb

Source: disclosure@vulncheck.com

https://sourceforge.net/projects/havalite/

Source: disclosure@vulncheck.com

https://www.exploit-db.com/exploits/26243

Source: disclosure@vulncheck.com

https://www.vulncheck.com/advisories/havalite-cms-arbitary-file-upload-rce

Source: disclosure@vulncheck.com

https://www.exploit-db.com/exploits/26243

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.