CVE-2012-1153

appRain CMF <= 0.1.5 - Unauthenticated Arbitrary File Upload and Remote Code Execution

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2012-1153. PoCs published by Metasploit, EgiX, EgiX, sinn3r, including Metasploit module exploits/multi/http/apprain_upload_exec.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in appRain CMF 0.1.5 or earlier via the uploadify.php endpoint, allowing remote code execution by uploading a malicious PHP file.

Description

Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubywebappsphp
https://www.exploit-db.com/exploits/18922

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in appRain CMF 0.1.5 or earlier via the uploadify.php endpoint, allowing remote code execution by uploading a malicious PHP file.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: appRain CMF <= 0.1.5
No auth needed
Prerequisites: Network access to the target · Target running appRain CMF <= 0.1.5
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by EgiX · phpwebappsphp
https://www.exploit-db.com/exploits/18392

This exploit demonstrates an unrestricted file upload vulnerability in appRain CMF <= 0.1.5, allowing an attacker to upload a malicious PHP file and execute arbitrary commands via a reverse shell. The vulnerability arises due to lack of file extension validation and authentication checks in the uploadify.php script.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: appRain CMF <= 0.1.5
No auth needed
Prerequisites: Network access to the target web server · The uploadify.php script must be accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by EgiX, sinn3r · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apprain_upload_exec.rb

This Metasploit module exploits an unauthenticated arbitrary PHP file upload vulnerability in appRain CMF 0.1.5 or less via the uploadify.php endpoint, leading to remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: appRain CMF <= 0.1.5
No auth needed
Prerequisites: Network access to the target · Target running appRain CMF <= 0.1.5
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/78473
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/03/09/5
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72466
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/51576
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-01/0128.html
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18392
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18922
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/03/10/5

Scores

EPSS 0.3241
EPSS Percentile 98.1%

Details

Status published
Products (6)
apprain/apprain 0.1.0
apprain/apprain 0.1.1
apprain/apprain 0.1.2
apprain/apprain 0.1.3
apprain/apprain 0.1.4
apprain/apprain < 0.1.5
Published Oct 06, 2012
Tracked Since Feb 18, 2026