CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/12/12 1:6 a.m.•5 views

CVE-2025-65473

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name...

9.1CVSS7.8AI score0.00489EPSS

Exploits1References1

NVD•added 2025/12/11 5:15 p.m.•5 views

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

8.8CVSS0.0045EPSS

Exploits1References2

OSV•added 2025/12/11 5:15 p.m.•4 views

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

8.8CVSS7.8AI score

Exploits0References2

Positive Technologies•added 2025/12/11 12:0 a.m.•6 views

PT-2025-50636

Name of the Vulnerable Software and Affected Versions EasyImages versions 2.0 through 2.8.6 Description A flaw exists in the /admin/manager.php component that allows for arbitrary file renaming. An attacker can exploit this to execute arbitrary code by renaming a PHP file to an SVG format...

7.5AI score0.00455EPSS

Exploits1References4

CNNVD•added 2025/12/11 12:0 a.m.•3 views

EasyImages 安全漏洞

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A security vulnerability exists in EasyImages 2.0 2.8.6 and earlier versions, which stems from cross-site request forgery and could lead to elevation of privilege...

8.8CVSS6.6AI score0.00171EPSS

Exploits1References2

EUVD•added 2025/12/11 12:0 a.m.•4 views

EUVD-2025-202765

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.4AI score0.0045EPSS

Exploits1References3

Cvelist•added 2025/12/11 12:0 a.m.•28 views

CVE-2025-65474

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format...

0.00455EPSS

Exploits1References2

CVE•added 2025/12/11 12:0 a.m.•24 views

CVE-2025-65471

CVE-2025-65471 affects EasyImages 2.0 up to v2.8.6, with an arbitrary file upload in /admin/manager.php that can lead to remote code execution via a crafted PHP upload. Root cause described as improper file upload handling. Public references from multiple feeds confirm the vulnerability; PT-Secur...

8.8CVSS7.5AI score0.0045EPSS

Exploits1References2Affected Software1

RedhatCVE•added 2025/05/23 3:53 a.m.•5 views

CVE-2023-33599

EasyImages2.0 ≤ 2.8.1 is vulnerable to Cross Site Scripting XSS via viewlog.php...

6.1CVSS6AI score0.00434EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 2:13 a.m.•9 views

CVE-2023-7098

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be initiated remotely. The complexi...

5.3CVSS7AI score0.00656EPSS

Exploits0References1