PT-2014-3216 · Phpthumb · Phpthumb

Authors: Deepankar Arora, +1

Published: 2014-12-27 · Updated: 2022-05-17 · CVE-2013-6919

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: phpThumb versions prior to 1.7.12

Description: The issue concerns the default configuration of phpThumb, in which the disable debug option is set to false, allowing remote attackers to conduct Server-Side Request Forgery (SSRF) attacks via the src parameter.

Recommendations: For versions prior to 1.7.12, update to version 1.7.12 or later to resolve the issue. As a temporary workaround, set the disable debug option to true to prevent SSRF attacks via the src parameter.


Weakness Enumeration

Related Identifiers:
- CVE-2013-6919
- GHSA-3747-GJC9-VVG6

Affected Products: Phpthumb