[MEDIUM] phpThumb is vulnerable to Command Injection through its gif_outputAsJpeg function

PKSA-hmp4-h7hb-bhj5 CVE-2025-52994 GHSA-q745-cfqh-hcrw

Affected version: <=1.7.23

Reported by:
GitHub

[MEDIUM] phpThumb is vulnerable to Server-Side Request Forgery (SSRF)

PKSA-f6vp-bgv1-xv3m CVE-2013-6919 GHSA-3747-gjc9-vvg6

Affected version: <1.7.12

Reported by:
GitHub