{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2012-10049", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-08-08T16:06:25.404Z", "datePublished": "2025-08-08T18:13:47.402Z", "dateUpdated": "2026-05-15T11:13:57.782Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["/work/resultimage.php"], "product": "WebPageTest", "vendor": "WPO Foundation", "versions": [{"lessThanOrEqual": "2.6", "status": "affected", "version": "0", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:webpagetest:webpagetest:*:*:*:*:*:*:*:*", "versionStartIncluding": "0", "versionEndIncluding": "2.6"}]}]}], "credits": [{"lang": "en", "type": "finder", "value": "dun"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the <code>resultimage.php</code> script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context.</p>"}], "value": "WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context."}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-15T11:13:57.782Z"}, "references": [{"tags": ["exploit"], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/webpagetest_upload_exec.rb"}, {"tags": ["exploit"], "url": "https://www.exploit-db.com/exploits/19790"}, {"tags": ["exploit"], "url": "https://www.exploit-db.com/exploits/20173"}, {"tags": ["third-party-advisory"], "url": "https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=26148"}, {"tags": ["product"], "url": "https://github.com/catchpoint/WebPageTest"}, {"tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/webpagetest-arbitrary-php-file-upload-rce"}], "source": {"discovery": "UNKNOWN"}, "title": "WebPageTest Arbitrary PHP File Upload RCE", "x_generator": {"engine": "Vulnogram 0.2.0"}, "datePublic": "2012-07-13T00:00:00.000Z"}, "adp": [{"references": [{"url": "https://www.exploit-db.com/exploits/20173", "tags": ["exploit"]}, {"url": "https://www.exploit-db.com/exploits/19790", "tags": ["exploit"]}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/webpagetest_upload_exec.rb", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-08T18:44:45.941355Z", "id": "CVE-2012-10049", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-08T18:44:49.016Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2012-10049", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-08T18:44:45.941355Z"}}}], "references": [{"url": "https://www.exploit-db.com/exploits/20173", "tags": ["exploit"]}, {"url": "https://www.exploit-db.com/exploits/19790", "tags": ["exploit"]}, {"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/webpagetest_upload_exec.rb", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-08T18:44:38.305Z"}}], "cna": {"title": "WebPageTest Arbitrary PHP File Upload RCE", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "dun"}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "WPO Foundation", "modules": ["/work/resultimage.php"], "product": "WebPageTest", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.6"}], "defaultStatus": "unaffected"}], "datePublic": "2012-07-13T00:00:00.000Z", "references": [{"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/webpagetest_upload_exec.rb", "tags": ["exploit"]}, {"url": "https://www.exploit-db.com/exploits/19790", "tags": ["exploit"]}, {"url": "https://www.exploit-db.com/exploits/20173", "tags": ["exploit"]}, {"url": "https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=26148", "tags": ["third-party-advisory"]}, {"url": "https://github.com/catchpoint/WebPageTest", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/webpagetest-arbitrary-php-file-upload-rce", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context.", "supportingMedia": [{"type": "text/html", "value": "<p>WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the <code>resultimage.php</code> script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:webpagetest:webpagetest:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "2.6", "versionStartIncluding": "0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-15T11:13:57.782Z"}}}, "cveMetadata": {"cveId": "CVE-2012-10049", "state": "PUBLISHED", "dateUpdated": "2026-05-15T11:13:57.782Z", "dateReserved": "2025-08-08T16:06:25.404Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-08-08T18:13:47.402Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context."}, {"lang": "es", "value": "WebPageTest versi\u00f3n 2.6 y anteriores contienen una vulnerabilidad de carga de archivos arbitrarios en el script resultimage.php. La aplicaci\u00f3n no valida ni depura la informaci\u00f3n proporcionada por el usuario antes de guardar los archivos subidos en un directorio de acceso p\u00fablico. Esta falla permite a atacantes remotos cargar y ejecutar c\u00f3digo PHP arbitrario, lo que resulta en la ejecuci\u00f3n completa del c\u00f3digo remoto en el contexto del servidor web."}], "id": "CVE-2012-10049", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-08-08T19:15:35.040", "references": [{"source": "disclosure@vulncheck.com", "url": "https://github.com/catchpoint/WebPageTest"}, {"source": "disclosure@vulncheck.com", "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/webpagetest_upload_exec.rb"}, {"source": "disclosure@vulncheck.com", "url": "https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=26148"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/19790"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/20173"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/webpagetest-arbitrary-php-file-upload-rce"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/webpagetest_upload_exec.rb"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://www.exploit-db.com/exploits/19790"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://www.exploit-db.com/exploits/20173"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"created": "2025-08-12T11:47:19.111045+00:00", "updated": "2025-08-12T11:47:19.111089+00:00", "vendors": ["webpagetest_project", "webpagetest_project$PRODUCT$webpagetest"]}