CVE-2010-1598

Summary: CVE-2010-1598 affects phpThumb.php in phpThumb() 1.7.9 (and possibly earlier) when ImageMagick is installed, enabling remote command execution via the fltr[] parameter. Several sources corroborate a PHPThumb command-injection vulnerability exposed through the ImageMagick-related filter h...

CVE-2012-2910

CVE-2012-2910 affects SiliSoftware phpThumb() version 1.7.11. The vulnerability is a cross-site scripting (XSS) flaw: remote attackers can inject arbitrary web script or HTML via the following user-supplied parameters in demo/phpThumb.demo.* scripts: (1) dir in phpThumb.demo.random.php and (2) ti...