WordPress Simple Image Manipulator < 1.0 - Local File Inclusion

WordPress Simple Image Manipulator 1.0 is vulnerable to local file inclusion in ./simple-image-manipulator/controller/download.php because no checks are made to authenticate users or sanitize input when determining file location. id: CVE-2015-1000010 info: name: WordPress Simple Image Manipulator...

Exploit for CVE-2025-69460

CVE-2025-69460 – Simple Image Gallery 1.0 Remote Cod...

📄 Adobe DNG SDK Image Processing Logic

Proof of concept exploit that demonstrates a heap out-of-bounds read / write leading to memory corruption and potential code execution in the Image Processing Logic of Adobe DNG SDK versions prior to 1.7.1.2410...

EUVD-2018-19432

Malware in sbrugna...

EUVD-2021-25256

Malware in sbrugna...

EUVD-2017-7550

Malware in sbrugna...

EUVD-2021-25190

Malware in sbrugna...

EUVD-2025-3950

Malicious code in bioql PyPI...

EUVD-2024-44489

Malicious code in bioql PyPI...

EUVD-2023-30829

Malicious code in bioql PyPI...

EUVD-2022-50370

Malicious code in bioql PyPI...

EUVD-2024-44056

Malicious code in bioql PyPI...

CVE-2025-24810

Cross-site scripting vulnerability exists in Simple Image Sizes 3.2.3 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege and accessing the settings screen...

CVE-2024-4433

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mr Digital Simple Image Popup allows Stored XSS.This issue affects Simple Image Popup: from n/a through 2.4.0...

CVE-2023-27040

Simple Image Gallery v1.0 was discovered to contain a remote code execution RCE vulnerability via the username parameter...

CVE-2023-6896

A vulnerability was found in SourceCodester Simple Image Stack Website 1.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument search with the input sy2ap%22%3e%3cscript%3ealert1%3c%2fscript%3etkxh1 leads to cross site scripting. The...

CVE-2021-38753

An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app...

CVE-2021-38819

A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page...

WordPress Simple Image Sizes plugin <= 3.2.2- Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

WordPress Simple Image Sizes plugin = 3.2.2- Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by ier2317 in WordPress Plugin Simple Image Sizes versions = 3.2.2...

CVE-2025-24810

Cross-site scripting vulnerability exists in Simple Image Sizes 3.2.3 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege and accessing the settings screen...