CVE-2017-12905

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1180%

EPSS Percentile13.30th

Published2017年9月25日

Last Modified2026年5月13日

Vulnerability Description

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

Affected Platforms (CPE)

📦

Vebto

Pixie Image Editor

= 1.4

📦

Vebto

Pixie Image Editor

= 1.7

References & Advisories

🔗 http://seclists.org/fulldisclosure/2017/Sep/47

相關漏洞威脅

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2017-1399510.0

An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webser...

CVE-2017-792810.0

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gatewa...

CVE-2017-1040210.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report...