CVE-2025-65473 - Easyimages2.0 Project Easyimages2.0

Critical 9.1

An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name.

Affected software

Easyimages2.0 Project Easyimages2.0

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.