Filtered by vendor Phpthumb Project
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-52994 | 1 Phpthumb Project | 1 Phpthumb | 2025-07-15 | 4.9 Medium |
| gif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS Command Injection via a crafted parameter value. This is fixed in 1.7.23-202506081709. | ||||
| CVE-2016-10508 | 1 Phpthumb Project | 1 Phpthumb | 2025-04-20 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() before 1.7.14 allow remote attackers to inject arbitrary web script or HTML via parameters in demo/phpThumb.demo.showpic.php. | ||||
| CVE-2013-6919 | 1 Phpthumb Project | 1 Phpthumb | 2025-04-12 | N/A |
| The default configuration of phpThumb before 1.7.12 has a false value for the disable_debug option, which allows remote attackers to conduct Server-Side Request Forgery (SSRF) attacks via the src parameter. | ||||
Page 1 of 1.