Lightpicture Security Vulnerabilities and Issues — Lightpicture CVE List

Lucene search

OsuuuLightpicture

4 matches found

CVE•added 2024/02/27 2:15 p.m.•110 views

CVE-2024-1920

A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2.2. This issue affects the function handle of the file /app/middleware/TokenVerify.php. The manipulation leads to use of hard-coded cryptographic key. The attack may be initiated remotely. The complexit...

8.1CVSS6.1AI score0.0019EPSS

CVE•added 2024/02/27 3:15 p.m.•101 views

CVE-2024-1921

A vulnerability, which was classified as critical, was found in osuuu LightPicture up to 1.2.2. Affected is an unknown function of the file /app/controller/Setup.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the p...

9.8CVSS5.3AI score0.00122EPSS

CVE•added 2025/01/05 3:15 p.m.•69 views

CVE-2024-13141

A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotely....

5.4CVSS3.9AI score0.00041EPSS

CVE•added 2025/03/02 11:15 p.m.•67 views

CVE-2025-1835

A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. This vulnerability affects the function upload of the file /app/controller/Api.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been d...

6.5CVSS6.5AI score0.00044EPSS