3 matches found
PT-2025-54208
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF
The plugin is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks due to copyright violations or licensing rules. PoC...
Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF
The plugin is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks due to copyright violations or licensing rules. document.getElementById"test".submit;...