PT-2025-31843 · Unknown+1 · Librettocms+1
Published
2025-08-04
·
Updated
2025-08-04
·
CVE-2013-10054
CVSS v4.0
9.3
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
LibrettoCMS versions prior to 1.1.7
Description
An unauthenticated arbitrary file upload vulnerability exists in the File Manager plugin. The upload handler located at
/adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php does not properly validate file extensions, allowing attackers to upload files with misleading extensions and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication.Recommendations
Update LibrettoCMS to a version later than 1.1.7.
Fix
RCE
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
File Manager
Librettocms