Vulnerabilities > CVE-2013-6919 - Remote Security vulnerability in PHPthumb Project PHPthumb 1.7.11
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
phpthumb-project
Summary
The default configuration of phpThumb before 1.7.12 has a false value for the disable_debug option, which allows remote attackers to conduct Server-Side Request Forgery (SSRF) attacks via the src parameter. <a href="http://cwe.mitre.org/data/definitions/918.html">CWE-918: Server-Side Request Forgery (SSRF)</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |