CVE-2025-52994 | phpThumb up to 1.7.23 Parameter phpthumb.gif.php gif_outputAsJpeg os command injection

A vulnerability has been found in phpThumb up to 1.7.23 and classified as critical. This vulnerability affects the function gif_outputAsJpeg of the file phpthumb.gif.php of the component Parameter Handler. The manipulation leads to os command injection.

This vulnerability was named CVE-2025-52994. The attack can be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More