icret/EasyImages2.0

icret/EasyImages2.0

Releases53

Frequency3 weeks 6 days

Last Release about 1 year ago

Stars3.75K

简单图床 - 一款功能强大无数据库的图床 2.0版

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-13415 ↗	Nov 19, 2025Wednesday, 19 November 2025, 22:16	3.5 LOW	4 MEDIUM
A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely.
CVE-2023-33599 ↗	May 23, 2023Tuesday, 23 May 2023, 15:15	6.1 MEDIUM	—
EasyImages2.0 ≤ 2.8.1 is vulnerable to Cross Site Scripting (XSS) via viewlog.php.
CVE-2023-1181 ↗	Mar 5, 2023Sunday, 5 March 2023, 17:15	5.4 MEDIUM	—
Cross-site Scripting (XSS) - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7.