Packagist (Composer) package
helloxz/imgurl
pkg:composer/helloxz/imgurl
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-29305 | — | — | — | May 24, 2022 | imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost. | ||
| CVE-2021-38713 | — | <= 2.31 | — | Aug 16, 2021 | imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header. |
- CVE-2022-29305May 24, 2022
imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost.
- CVE-2021-38713Aug 16, 2021affected <= 2.31
imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header.