Easyimages2.0_project Easyimages2.0
8 CVEs affecting Easyimages2.0_project Easyimages2.0. Latest disclosed: 2025-12-11. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-65474 | Critical | 9.8 | 2025-12-11 | An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via re… |
CVE-2025-65473 | Critical | 9.1 | 2025-12-11 | An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to e… |
CVE-2025-65472 | High | 8.8 | 2025-12-11 | A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate privileges to Adminis… |
CVE-2025-65471 | High | 8.8 | 2025-12-11 | An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via up… |
CVE-2023-33599 | Medium | 6.1 | 2023-05-23 | EasyImages2.0 ≤ 2.8.1 is vulnerable to Cross Site Scripting (XSS) via viewlog.php. |
CVE-2023-1181 | Medium | 5.4 | 2023-03-05 | Cross-site Scripting (XSS) - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7. |
CVE-2025-13415 | Low | 3.5 | 2025-11-19 | A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. Th… |
CVE-2023-7098 | Low | 3.1 | 2023-12-25 | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the f… |