Vebto Pixie Image Editor 1.4/1.7 Launderer.php url server-side request forgery

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Vebto Pixie Image Editor 1.4/1.7. This vulnerability affects an unknown part of the file Launderer.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
713791111/19/2019VulD...discoverydate150586560011/19/2019accepted100
713796409/26/2017VulD...cvss3_nvd_basescore10.0nist.gov09/26/2017accepted90
713796309/26/2017VulD...0day_days509/26/2017accepted90
713796209/26/2017VulD...cvss3_vuldb_rcX09/26/2017accepted90
713796109/26/2017VulD...cvss3_vuldb_rlX09/26/2017accepted90
713796009/26/2017VulD...cvss3_vuldb_eX09/26/2017accepted90
713795909/26/2017VulD...cvss2_vuldb_rcND09/26/2017accepted90
713795809/26/2017VulD...cvss2_vuldb_rlND09/26/2017accepted90
713795709/26/2017VulD...cvss2_vuldb_eND09/26/2017accepted90
713795609/26/2017VulD...cve_nvd_summaryServer Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.mitre.org09/26/2017accepted100
713795509/26/2017VulD...cve_nvd_published1506297600mitre.org09/26/2017accepted100
713795409/26/2017VulD...cve_assigned1502928000mitre.org09/26/2017accepted100
713795309/26/2017VulD...cveCVE-2017-12905mitre.org09/26/2017accepted100
713795209/26/2017VulD...price_0day$0-$5ksee documentation09/26/2017accepted100
713795109/26/2017VulD...urlhttp://seclists.org/fulldisclosure/2017/Sep/47seclists.org09/26/2017accepted100
713795009/26/2017VulD...typeMailinglist Post09/26/2017accepted100
713794909/26/2017VulD...locationFull-Disclosure09/26/2017accepted100
713794809/26/2017VulD...date1506297600 (09/25/2017)09/26/2017accepted100
713794709/26/2017VulD...cvss3_nvd_aHnist.gov09/26/2017accepted100
713794609/26/2017VulD...cvss3_nvd_iHnist.gov09/26/2017accepted100

Do you know our Splunk app?

Download it now for free!