Phpthumb Project Phpthumb — known CVE vulnerabilities
Every CVE whose affected-product data names Phpthumb Project Phpthumb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2016-10508 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() before 1.7.14 allow remote attackers to inject arbitrary web script or…
CVE-2013-6919 — CVSS 4.3 (medium): The default configuration of phpThumb before 1.7.12 has a false value for the disable_debug option, which allows remote attackers to…