CVE-2013-10054

An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerability in its File Manager plugin. The upload handler located at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php fails to properly validate file extensions, allowing attackers to upload files with misleading extensions and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication.

CVSS

No CVSS.

References

Link	Resource
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/libretto_upload_exec.rb
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/libretto_upload_exec.rb
https://sourceforge.net/projects/librettocms/
https://www.exploit-db.com/exploits/26213
https://www.exploit-db.com/exploits/26213
https://www.exploit-db.com/exploits/26421
https://www.vulncheck.com/advisories/librettocms-file-manager-arbitrary-file-upload

Configurations

No configuration.

History

04 Aug 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-04 18:15

Updated : 2025-08-05 16:15

NVD link : CVE-2013-10054

Mitre link : CVE-2013-10054

JSON object : View

Products Affected

No product.

CWE

No CWE.

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/libretto_upload_exec.rb", "name": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/libretto_upload_exec.rb", "tags": [], "refsource": ""}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/libretto_upload_exec.rb", "name": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/libretto_upload_exec.rb", "tags": [], "refsource": ""}, {"url": "https://sourceforge.net/projects/librettocms/", "name": "https://sourceforge.net/projects/librettocms/", "tags": [], "refsource": ""}, {"url": "https://www.exploit-db.com/exploits/26213", "name": "https://www.exploit-db.com/exploits/26213", "tags": [], "refsource": ""}, {"url": "https://www.exploit-db.com/exploits/26213", "name": "https://www.exploit-db.com/exploits/26213", "tags": [], "refsource": ""}, {"url": "https://www.exploit-db.com/exploits/26421", "name": "https://www.exploit-db.com/exploits/26421", "tags": [], "refsource": ""}, {"url": "https://www.vulncheck.com/advisories/librettocms-file-manager-arbitrary-file-upload", "name": "https://www.vulncheck.com/advisories/librettocms-file-manager-arbitrary-file-upload", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerability in its File Manager plugin. The upload handler located at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php fails to properly validate file extensions, allowing attackers to upload files with misleading extensions\u00a0and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-10054", "ASSIGNER": "disclosure@vulncheck.com"}}, "impact": {}, "publishedDate": "2025-08-04T18:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-05T16:15Z"}