CVE-2019-10874

HIGH

Bolt CMS 3.6.6 - Cross-Site Request Forgery to Remote Code Execution via File Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-10874. PoCs published by FelipeGaspar.

AI-analyzed exploit summary This exploit targets CVE-2019-10874, a vulnerability in Bolt CMS, by uploading a malicious HTML file that modifies the configuration to allow arbitrary file uploads, leading to remote code execution (RCE). The exploit uses XMLHttpRequest to interact with the Bolt admin interface and bypasses authentication by leveraging a CSRF token.

Description

Cross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file.

Exploits (1)

exploitdb WORKING POC

by FelipeGaspar · htmlwebappsphp

https://www.exploit-db.com/exploits/46664

View Code ZIP pw:eip

This exploit targets CVE-2019-10874, a vulnerability in Bolt CMS, by uploading a malicious HTML file that modifies the configuration to allow arbitrary file uploads, leading to remote code execution (RCE). The exploit uses XMLHttpRequest to interact with the Bolt admin interface and bypasses authentication by leveraging a CSRF token.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Bolt CMS < 3.7.0

No auth needed

Prerequisites: Access to the Bolt CMS admin interface · Bolt CMS version < 3.7.0

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1204 - User Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit, Third Party Advisory x_refsource_misc

https://fgsec.net/from-csrf-to-rce-bolt-cms/

Exploit, Patch, Third Party Advisory x_refsource_misc

https://github.com/bolt/bolt/pull/7768/commits/91187aef36363a870d60b0a3c1bf8507af34c9e4

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/46664/

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/152429/Bolt-CMS-3.6.6-Cross-Site-Request-Forgery-Code-Execution.html

Scores

CVSS v3 8.8

EPSS 0.0039

EPSS Percentile 60.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-352

Status published

Products (2)

bolt/bolt 3.6.6 - 3.6.7Packagist

boltcms/bolt 3.6.6

Published Apr 05, 2019

Tracked Since Feb 18, 2026