CVE-2012-10062 – Apache Friends XAMPP WebDAV Remote Code Execution Vulnerability

August 30, 2025

CVE ID : CVE-2012-10062

Published : Aug. 30, 2025, 2:15 p.m. | 11 hours, 44 minutes ago

Description : A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3’s default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attackers to upload a malicious PHP payload and trigger its execution via a subsequent GET request, resulting in remote code execution on the server.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-9690 – SourceCodester Advanced School Management System SQL Injection Vulnerability

Next Article CVE-2011-10032 – Sunway ForceControl SNMP NetDBServer Stack-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-5645 – Radare2 r_cons_pal_init Memory Corruption Vulnerability

June 5, 2025

CVE ID : CVE-2025-5645

Published : June 5, 2025, 8:15 a.m. | 3 hours, 25 minutes ago

Description : A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of the patch is 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and “crashy”. Further analysis has shown “the race is not a real problem unless you use asan”. A new warning has been added.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2012-10062 – Apache Friends XAMPP WebDAV Remote Code Execution Vulnerability

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

Step by Step Guide on Converting Text to High-Quality Audio Using an Open Source TTS Model on Hugging Face: Including Detailed Audio File Analysis and Diagnostic Tools in Python

Designer Spotlight: Vítor Cardoso

Chrome Security Update: Patch for 11 Vulnerabilities Enabling Malicious Code Execution

CVE-2025-5645 – Radare2 r_cons_pal_init Memory Corruption Vulnerability

Logical assignment operators in JavaScript: small syntax, big wins

CVE-2025-49882 – CubeWP Framework Cross-site Scripting

How to share files with sensitive content securely on Windows 11

CVE-2012-10062 – Apache Friends XAMPP WebDAV Remote Code Execution Vulnerability

Related Posts