CVE-2025-1835
- EPSS 0.1%
- Veröffentlicht 02.03.2025 23:15:10
- Zuletzt bearbeitet 03.03.2025 20:15:44
A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. This vulnerability affects the function upload of the file /app/controller/Api.php. The manipulation of the argument file leads to unrestricted upload. The attack ...
CVE-2024-13141
- EPSS 0.14%
- Veröffentlicht 05.01.2025 15:15:17
- Zuletzt bearbeitet 10.01.2025 21:39:47
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site...
CVE-2024-1921
- EPSS 0.12%
- Veröffentlicht 27.02.2024 15:15:07
- Zuletzt bearbeitet 18.12.2024 18:21:45
A vulnerability, which was classified as critical, was found in osuuu LightPicture up to 1.2.2. Affected is an unknown function of the file /app/controller/Setup.php. The manipulation leads to unrestricted upload. It is possible to launch the attack ...
CVE-2024-1920
- EPSS 0.19%
- Veröffentlicht 27.02.2024 14:15:27
- Zuletzt bearbeitet 18.12.2024 18:16:07
A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2.2. This issue affects the function handle of the file /app/middleware/TokenVerify.php. The manipulation leads to use of hard-coded cryptographic key . ...