CVE-2025-65471

High CVSS: 8.8

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file.

Vendor

Easyimages2.0 Project

Product

Easyimages2.0

CWE

CWE-434

Yayın Tarihi

2025-12-11 17:15:57

Güncelleme

2025-12-18 21:15:56

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-434 Easyimages2.0 HIGH Easyimages2.0 Project 2025

Referanslar

https://congsec.cn/?id=20251102153546-i712jss https://gist.github.com/CongSec/cd3d3ee57b8e6f83c7038e2263c15120

Benzer Kayıtlar

Critical

CVE-2025-65474

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows att…

High

CVE-2025-65472

A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows atta…

Critical

CVE-2025-65473

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attac…

Medium

CVE-2025-13415

A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php…