17 matches found
CVE-2025-13415
A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely...
CVE-2025-13415
A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely...
CVE-2025-13415
A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely...
CVE-2025-13415 icret EasyImages SVG Image upload.php cross site scripting
A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely...
CVE-2025-13415 icret EasyImages SVG Image upload.php cross site scripting
A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely...
CVE-2025-13415
CVE-2025-13415 affects icret EasyImages up to 2.8.6. The issue lies in the SVG Image Handler’s /app/upload.php where manipulating the File parameter enables cross-site scripting. Attacks are described as remotely initiable. The Red Hat and other feeds corroborate the same vulnerability details. N...
PT-2025-47537
Name of the Vulnerable Software and Affected Versions icret EasyImages versions up to 2.8.6 Description A flaw exists in icret EasyImages, specifically within the SVG Image Handler component, affecting the file /app/upload.php. Manipulation of the File argument can lead to cross site scripting...
CVE-2023-7098
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be initiated remotely. The complexi...
CVE-2023-7098
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be initiated remotely. The complexi...
Path traversal
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be initiated remotely. The complexi...
CVE-2023-7098 icret EasyImages hide.php path traversal
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be initiated remotely. The complexi...
CVE-2023-7098
A vulnerability (CVE-2023-7098) affects icret EasyImages 2.8.3. The issue resides in unknown code within app/hide.php, where manipulating the key argument enables path traversal (e.g., ../filedir). Remote exploitation is possible but the attack complexity is high; exploitation has been disclosed ...
CVE-2023-7098 icret EasyImages hide.php path traversal
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be initiated remotely. The complexi...
PT-2023-32872 · Unknown · Icret Easyimages
Name of the Vulnerable Software and Affected Versions: icret EasyImages version 2.8.3 Description: A problematic vulnerability was found in icret EasyImages, affecting unknown code of the file app/hide.php. The manipulation of the key argument leads to path traversal, allowing an attacker to acce...
CVE-2023-1181
CVE-2023-1181 is a stored Cross-site Scripting (XSS) vulnerability in the icret/easyimages2.0 project, reported to affect versions prior to 2.6.7. The issue arises from storing unvalidated user input, enabling injected scripts to be executed in affected applications. Multiple sources (NVD, Red Ha...
CVE-2023-1181 Cross-site Scripting (XSS) - Stored in icret/easyimages2.0
Cross-site Scripting XSS - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7...
PT-2023-16804 · Unknown · Icret/Easyimages2.0
Name of the Vulnerable Software and Affected Versions: icret/easyimages2.0 versions prior to 2.6.7 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input without proper validation, allowing attackers to inject malicious scripts...