easyimages2.0
by icret
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33599 | Med | 0.40 | 6.1 | 0.00 | May 23, 2023 | EasyImages2.0 ≤ 2.8.1 is vulnerable to Cross Site Scripting (XSS) via viewlog.php. | ||
| CVE-2023-7098 | Low | 0.20 | 3.1 | 0.01 | Dec 25, 2023 | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be… | ||
| CVE-2025-13415 | 0.00 | — | 0.00 | Nov 19, 2025 | A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. | |||
| CVE-2023-1181 | Med | 0.00 | 5.4 | 0.00 | Mar 5, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7. |
- risk 0.40cvss 6.1epss 0.00
EasyImages2.0 ≤ 2.8.1 is vulnerable to Cross Site Scripting (XSS) via viewlog.php.
- risk 0.20cvss 3.1epss 0.01
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be…
- CVE-2025-13415Nov 19, 2025risk 0.00cvss —epss 0.00
A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely.
- risk 0.00cvss 5.4epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7.