Skip to main content

Timthumb

1 CVEs product

Monthly

CVE-2014-4663 MEDIUM POC THREAT This Month

TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the src parameter. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.8%.

RCE Code Injection Timthumb Wordthumb
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
16.8%
EPSS 17% CVSS 6.8
MEDIUM POC THREAT This Month

TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the src parameter. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.8%.

RCE Code Injection Timthumb +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy