This could be exploited, for instance, for spamming (the URL could be one that attempts to post a comment to another site);
or to attack the local site by attempting to exploit buffer overflows, etc., in the image-parsing library.
hansfn wrote:Since timthumb.php does a get request for the image, this is very, very, very unlikely (and you know why). However,
Users browsing this forum: No registered users and 4 guests