CVE-2019-12185

HIGH

elabftw 1.8.5 - Authenticated Arbitrary File Upload via EntityController


Exploitation Summary

EIP tracks 4 public exploits for CVE-2019-12185. PoCs published by liquidsky, fuzzlove, fuzzlove-group.

AI-analyzed exploit summary: This exploit leverages an arbitrary file upload vulnerability in eLabFTW 1.8.5 via the EntityController component, allowing an authenticated attacker to upload a malicious PHP file and achieve remote code execution (RCE). The PoC includes a multipart/form-data payload with a PHP shell and automates the login and upload process.

Description

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.

Exploits (4)

exploitdb · WORKING POC
by liquidsky · python · webapps · php
https://www.exploit-db.com/exploits/46869

This exploit leverages an arbitrary file upload vulnerability in eLabFTW 1.8.5 via the EntityController component, allowing an authenticated attacker to upload a malicious PHP file and achieve remote code execution (RCE). The PoC includes a multipart/form-data payload with a PHP shell and automates the login and upload process.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: eLabFTW 1.8.5
Auth required
Prerequisites: Valid user credentials · Network access to the target · PHP environment with file uploads enabled
devstral-2 · analyzed Feb 16, 2026
nomisec · WORKING POC · 7 stars
by fuzzlove · poc
https://github.com/fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE

This repository contains a functional Python exploit for CVE-2019-12185, which leverages an arbitrary file upload vulnerability in eLabFTW 1.8.5's EntityController to achieve remote code execution. The exploit authenticates, crafts a multipart POST request with a malicious PHP payload, and uploads it to the server.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: eLabFTW 1.8.5
Auth required
Prerequisites: Valid user credentials · Network access to the target
devstral-2 · analyzed Feb 18, 2026
gitlab · WORKING POC
by fuzzlove-group · poc
https://gitlab.com/fuzzlove-group/eLabFTW-1-8-5-EntityController-Arbitrary-File-Upload-RCE

This repository contains a functional Python exploit for CVE-2019-12185, which leverages an arbitrary file upload vulnerability in eLabFTW 1.8.5's EntityController to achieve remote code execution (RCE). The exploit authenticates with provided credentials, crafts a multipart/form-data POST request to upload a malicious PHP file, and executes commands on the target system.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: eLabFTW 1.8.5
Auth required
Prerequisites: Valid user credentials · Network access to the target
devstral-2 · analyzed Feb 23, 2026
nomisec · WORKING POC
by Drew-Alleman · poc
https://github.com/Drew-Alleman/CVE-2019-12185

This repository contains a functional Python exploit for CVE-2019-12185, targeting eLabFTW 1.8.5. The exploit leverages an arbitrary file upload vulnerability in the 'EntityController' to achieve remote code execution (RCE) by uploading a malicious PHP file.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: eLabFTW 1.8.5
Auth required
Prerequisites: Valid credentials for eLabFTW · Network access to the target application
devstral-2 · analyzed Feb 18, 2026

References (2)

Core References (2)
Tags: Exploit, Vendor Advisory, URL Repurposed (x_refsource_misc)
http://incidentsecurity.com/elabftw-1-8-5-entitycontroller-arbitrary-file-upload-rce/

Scores

CVSS v3: 8.8
EPSS: 0.1811
EPSS Percentile: 96.8%
Attack Vector: NETWORK
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-434
Status: published
Products (1): elabftw/elabftw 1.8.5
Published: May 20, 2019
Tracked Since: Feb 18, 2026