HackTesting

CVE-2017-12905

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

References

http://seclists.org/fulldisclosure/2017/Sep/47