Picuploader Project Picuploader — known CVE vulnerabilities
Every CVE whose affected-product data names Picuploader Project Picuploader, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-36748 — CVSS 6.1 (medium): PicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /master/index.php.
CVE-2022-41442 — CVSS 6.1 (medium): PicUploader v2.6.3 was discovered to contain cross-site scripting (XSS) vulnerability via the setStorageParams function in…