CVE-2013-10038

FlashChat Arbitrary File Upload RCE

CVSS 9.3 CRITICALEPSS 1.6%CWE-434

Vexday Risk Score

63High priority

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.3EPSS 1.6%KEV nãoPoC públicaNuclei —Metasploit simPatch —

Lifecycle

04 Oct 2013Metasploit module available

31 Jul 2025Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

An unauthenticated arbitrary file upload vulnerability exists in FlashChat versions 6.0.2 and 6.0.4 through 6.0.8. The upload.php endpoint fails to properly validate file types and authentication, allowing attackers to upload malicious PHP scripts. Once uploaded, these scripts can be executed remotely, resulting in arbitrary code execution as the web server user.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

TUFaT · FlashChat

public PoCs found — 2

cve_referenceraw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/flashchat_upload_exec.rbunverified cve_referencewww.exploit-db.com/exploits/28709unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/flashchat_upload_exec.rb https://www.exploit-db.com/exploits/28709 https://www.fortiguard.com/encyclopedia/ips/37342/flashchat-arbitrary-file-upload https://www.phpbb.com/community/viewtopic.php?t=2627786 https://www.vulncheck.com/advisories/flashchat-arbitrary-file-upload-rce