CVE-2014-9312

HIGH

Photo Gallery 1.2.5 - Info Disclosure

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-9312. PoCs were published by Kacper Szurek and rastating, including the Metasploit module exploits/unix/webapp/wp_photo_gallery_unrestricted_file_upload.

AI-analyzed exploit summary

This exploit demonstrates an unrestricted file upload vulnerability in Photo Gallery 1.2.5, allowing any registered user (even Subscriber) to upload malicious files via a crafted form submission to admin-ajax.php. The uploaded files are then accessible in a predictable directory, enabling remote code execution.

Description

Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.

Exploits (2)

exploitdb WORKING POC
by Kacper Szurek · text · webapps · php
https://www.exploit-db.com/exploits/35916

Classification
Working PoC 100%
Attack Type
RCE
Complexity
Trivial
Reliability
Reliable
Target: Photo Gallery WordPress Plugin 1.2.5
Auth required
Prerequisites: Registered user account (even Subscriber role) · Access to wp-admin/admin-ajax.php
devstral-2 · analyzed Feb 16, 2026
metasploit WORKING POC EXCELLENT
by Kacper Szurek, rastating · ruby · poc · php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_photo_gallery_unrestricted_file_upload.rb

This Metasploit module exploits an unrestricted file upload vulnerability in the WordPress Photo Gallery plugin (CVE-2014-9312), allowing remote code execution by uploading a malicious PHP file disguised as a ZIP archive. The exploit authenticates with WordPress, uploads the payload, and triggers execution via a GET request.

Classification
Working PoC 100%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: WordPress Photo Gallery plugin < 1.2.6
Auth required
Prerequisites: Valid WordPress credentials · Photo Gallery plugin version < 1.2.6
devstral-2 · analyzed Feb 16, 2026

References (3)

Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/72620

Scores

CVSS v3 8.8
EPSS 0.4535
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
10web/photo_gallery 1.2.5
Published Aug 28, 2017
Tracked Since Feb 18, 2026