4 matches found
CVE-2025-67079
File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...
EUVD-2026-2759
File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...
CVE-2025-67079
CVE-2025-67079 describes a file upload vulnerability in Omnispace Agora Project prior to 25.10. The issue allows code execution via the MSL engine of the Imagick library when a crafted PDF is uploaded through the file upload and thumbnail functions. The underlying cause is misuse in handling craf...
Wordpress 4.5.1 Remote Command Execute
来源 http://ricterz.me/,格式稍作整理 ImageMagick ImageMagick 昨天曝出 CVE-2016-3714,Java、PHP 的库也受其影响可参考 https://www.seebug.org/vuldb/ssvid-91446 。其中 PHP 的库 Imagick 应用广泛,波及也大。Wordpress 也就是受此漏洞影响出现了 RCE。 这个漏洞很蠢,ImageMagick 在 MagickCore/constitute.c 的 ReadImage 函数中解析图片,如果图片地址是https://开头的,即调用 InvokeDelegate。...