CVE-2025-65474

Critical CVSS: 9.8

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format.

Vendor

Easyimages2.0 Project

Product

Easyimages2.0

CWE

CWE-706

Yayın Tarihi

2025-12-11 17:15:58

Güncelleme

2025-12-19 19:46:51

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-706 Easyimages2.0 CRITICAL Easyimages2.0 Project 2025

Referanslar

https://congsec.cn?id=20251103234511-9418dk9 https://gist.github.com/CongSec/3cf968621f71a7da35dcc9b8f0b29bb2

Benzer Kayıtlar

High

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows att…

High

CVE-2025-65472

A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows atta…

Critical

CVE-2025-65473

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attac…

Medium

CVE-2025-13415

A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php…