Lucene search
K

60 matches found

RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.6 views

CVE-2025-65473

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name...

9.1CVSS7.8AI score0.00498EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.6 views

CVE-2025-65472

A Cross-Site Request Forgery CSRF in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate privileges to Administrator via user interaction with a malicious web page...

8.8CVSS7AI score0.00177EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.5 views

CVE-2025-65474

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format...

9.8CVSS7.9AI score0.00473EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.5 views

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

8.8CVSS7.9AI score0.00468EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/11 6:30 p.m.4 views

EUVD-2025-202701

A Cross-Site Request Forgery CSRF in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate privileges to Administrator via user interaction with a malicious web page...

6.5AI score0.00177EPSS
Exploits1References3
NVD
NVD
added 2025/12/11 5:15 p.m.7 views

CVE-2025-65474

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format...

9.8CVSS0.00473EPSS
Exploits1References2
NVD
NVD
added 2025/12/11 5:15 p.m.8 views

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

8.8CVSS0.00468EPSS
Exploits1References2
NVD
NVD
added 2025/12/11 5:15 p.m.11 views

CVE-2025-65472

A Cross-Site Request Forgery CSRF in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate privileges to Administrator via user interaction with a malicious web page...

8.8CVSS0.00177EPSS
Exploits1References2
NVD
NVD
added 2025/12/11 5:15 p.m.8 views

CVE-2025-65473

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name...

9.1CVSS0.00498EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.6 views

PT-2025-50636

Name of the Vulnerable Software and Affected Versions EasyImages versions 2.0 through 2.8.6 Description A flaw exists in the /admin/manager.php component that allows for arbitrary file renaming. An attacker can exploit this to execute arbitrary code by renaming a PHP file to an SVG format...

7.5AI score0.00473EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/11 12:0 a.m.10 views

EUVD-2025-202703

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name...

9.1CVSS7.2AI score0.00498EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.36 views

CVE-2025-65472

A Cross-Site Request Forgery CSRF in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate privileges to Administrator via user interaction with a malicious web page...

0.00177EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.32 views

CVE-2025-65474

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format...

0.00473EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.30 views

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

0.00468EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.33 views

CVE-2025-65473

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name...

0.00498EPSS
Exploits1References2
CVE
CVE
added 2025/12/11 12:0 a.m.30 views

CVE-2025-65471

CVE-2025-65471 affects EasyImages 2.0 up to v2.8.6, with an arbitrary file upload in /admin/manager.php that can lead to remote code execution via a crafted PHP upload. Root cause described as improper file upload handling. Public references from multiple feeds confirm the vulnerability; PT-Secur...

8.8CVSS7.5AI score0.00468EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.20 views

CVE-2025-65474

CVE-2025-65474 affects EasyImages 2.0 up to and including 2.8.6. The vulnerability resides in the /admin/manager.php component, where insecure file renaming can be exploited to execute arbitrary code by renaming a PHP file to an SVG format. Impact is described as arbitrary code execution with hig...

9.8CVSS7.5AI score0.00473EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/12/11 12:0 a.m.21 views

CVE-2025-65472

Summary: CVE-2025-65472 describes a CSRF flaw in EasyImages 2.0 up to v2.8.6, specifically in the /admin/admin.inc.php component, enabling privilege escalation to Administrator when a user interacts with a crafted page. Affected software: EasyImages 2.0 and all builds

8.8CVSS6.6AI score0.00177EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/12/11 12:0 a.m.6 views

EUVD-2025-202767

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format...

7.3AI score0.00473EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.5 views

EasyImages 安全漏洞

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A security vulnerability exists in EasyImages 2.0 2.8.6 and earlier versions, which stems from improper file renaming functionality and could lead to the execution ...

9.1CVSS6.8AI score0.00498EPSS
Exploits1References2
Rows per page
Query Builder