18 matches found
CVE-2024-5409
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details...
CVE-2024-5409 Cross-site Scripting vulnerability in RhinOS from SaltOS
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details...
CVE-2024-5409 Cross-site Scripting vulnerability in RhinOS from SaltOS
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details...
PT-2024-36025 · Rhinos +1
Name of the Vulnerable Software and Affected Versions: RhinOS versions 3.0-1190 Description: The issue allows for an XSS attack via the tamper parameter in the "/admin/lib/phpthumb/phpthumb.php" API endpoint. An attacker could create a malicious URL and send it to a victim to obtain their session...
opbh.com.br XSS vulnerability
Vulnerable URL: http://www.opbh.com.br/admin/wp-content/plugins/fresh-page/thirdparty/phpthumb/phpThumb.php?src="'--!=300=200
Details:
Description | Value
---|---
Patched: | No
Latest check for patch: | 28.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown...
WordPress fresh-page plugin - phpThumb.php file src parameter - cross-site scripting vulnerability
No description provided by source...
Joomla Alphauserpoints phpThumb.php Shell Upload
Title : Joomla comalpahuserpoints Remote Code Execution Author : DevilScreaM Date : 1 December 2013 Category : Web Applications Type : PHP Vendor : http://alphaplug.com/ Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian Security Indonesian Hacker | Indonesian Exploiter |...
phpThumb - 'phpThumbDebug' Information Disclosure
Exploit Title: phpThumb 'phpThumbDebug' Information Disclosure Google Dork: inurl:phpThumb.php Date: 06/05/2011 Author: mook Software Link: http://phpthumb.sourceforge.net/download Version: 1.7.9 Tested on: linux Vulnerability: Information disclosure which includes absolute system paths, os...
Plogger Remote File Disclosure Vulnerability
Exploit for php platform in category web applications. Plogger Remote File Disclosure Vulnerability http://www.plogger.org/ dork : Powered by Plogger! author:...
Information disclosure
phpThumb.php in phpThumb 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr parameter, as discovered in the wild in April 2010. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
CVE-2010-1598
phpThumb.php in phpThumb 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr parameter, as discovered in the wild in April 2010. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
CVE-2010-1598
Summary: CVE-2010-1598 affects phpThumb.php in phpThumb() 1.7.9 (and possibly earlier) when ImageMagick is installed, enabling remote command execution via the fltr[] parameter. Several sources corroborate a PHPThumb command-injection vulnerability exposed through the ImageMagick-related filter h...
CVE-2007-2643
Directory traversal vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter...
CVE-2007-2643
The CVE-2007-2643 issue affects phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0. The vulnerability is a directory traversal flaw triggered by a .. in the src parameter, allowing remote attackers to read arbitrary files. The available data does not specify affected versions beyond the prod...
CVE-2007-2643
Directory traversal vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter...
maGAZIn 2.0 (phpThumb.php src) Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications. maGAZIn 2.0 phpThumb.php src Remote File Disclosure Vulnerability...
maGAZIn 2.0 - PHPThumb.php?src Remote File Disclosure
maGAZIn 2.0 - PHPThumb.php?src Remote File Disclosure. Y! Underground Group, Dj7xpl.2600.ir...
maGAZIn 2.0 - 'PHPThumb.php?src' Remote File Disclosure
Y! Underground Group, Dj7xpl.2600.ir. Portal...