xiebruce/PicUploader

xiebruce/PicUploader

www.xiebruce.top

Releases0

Stars1.21K

一个还不错的图床工具，支持Mac/Win/Linux服务器、支持压缩后上传、添加图片或文字水印、多文件同时上传、同时上传到多个云、右击任意文件上传、快捷键上传剪贴板截图、Web版上传、支持作为Mweb/Typora发布图片接口、作为PicGo/ShareX/uPic等的自定义图床，支持在服务器上部署作为图床接口，支持上传任意格式文件。

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-44794 ↗	Aug 26, 2024Monday, 26 August 2024, 20:15	6.1 MEDIUM	—
A cross-site scripting (XSS) vulnerability in the component /master/auth/OnedriveRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter.
CVE-2024-44796 ↗	Aug 26, 2024Monday, 26 August 2024, 20:15	6.1 MEDIUM	—
A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter.
CVE-2022-41442 ↗	Oct 7, 2022Friday, 7 October 2022, 22:15	6.1 MEDIUM	—
PicUploader v2.6.3 was discovered to contain cross-site scripting (XSS) vulnerability via the setStorageParams function in SettingController.php.
CVE-2022-36748 ↗	Aug 30, 2022Tuesday, 30 August 2022, 22:15	6.1 MEDIUM	—
PicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /master/index.php.