
4 matches found

RedhatCVE
added 2025/05/22 9:49 a.m., 4 views

CVE-2011-4106

TimThumb timthumb.php before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache...

CVSS 6.8, AI score 7.8, EPSS 0.23165
Exploits: 17, References: 1
CVE
added 2013/10/26 4:0 p.m., 81 views

CVE-2011-4106

TimThumb (timthumb.php) prior to version 2.0 contains a flaw where the code does not validate the entire image source against the domain whitelist. This allows a remote attacker to craft a URL with a whitelisted domain in the src parameter to upload and subsequently access a file in the cache dir...

CVSS 6.8, AI score 9.4, EPSS 0.23165
Exploits: 17, References: 7, Affected Software: 1
Cvelist
added 2013/10/26 4:0 p.m., 41 views

CVE-2011-4106

TimThumb timthumb.php before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache...

AI score 7.4, EPSS 0.23165
Exploits: 17, References: 7
Circl
added 2011/08/03 12:0 a.m., 7 views

CVE-2011-4106

creationtimestamp | type | source
---|---|---
2011-08-03 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/17602
2026-06-19 16:45:36+00:00 | exploited | https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a009c5fa-c459-4903-9955-a769dbabfd23
2026-06-23 14:04:09+00:00 | ...

CVSS 6.8, AI score 7.3, EPSS 0.23165
Exploits: 17, References: 3