Metrics
Affected Vendors & Products
| Source | ID | Title | 
|---|---|---|
|  EUVD | EUVD-2025-5848 | A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. This vulnerability affects the function upload of the file /app/controller/Api.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | 
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Tue, 04 Mar 2025 03:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Sun, 02 Mar 2025 22:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. This vulnerability affects the function upload of the file /app/controller/Api.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |
| Title | osuuu LightPicture Api.php upload unrestricted upload | |
| Weaknesses | CWE-284 CWE-434 | |
| References |  | |
| Metrics | cvssV2_0 
 
 
 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-03-03T20:08:58.014Z
Reserved: 2025-03-01T19:57:55.827Z
Link: CVE-2025-1835
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-03-03T17:14:52.044Z
 NVD
                        NVD
                    Status : Received
Published: 2025-03-02T23:15:10.477
Modified: 2025-03-03T20:15:44.867
Link: CVE-2025-1835
 Redhat
                        Redhat
                    No data.
 OpenCVE Enrichment
                        OpenCVE Enrichment
                    Updated: 2025-07-12T15:26:25Z