Serious ImageMagick vulnerabilities discovered May 07, 2016
In case you haven't heard about there were some serious vulnerabilites in ImageMagick discovered:
There are multiple vulnerabilities in ImageMagick, a package commonly used by web services to process images. One of the vulnerabilities can lead to remote code execution (RCE) if you process user submitted images. The exploit for this vulnerability is being used in the wild.
A number of image processing plugins depend on the ImageMagick library, including, but not limited to, PHP’s imagick, Ruby’s rmagick and paperclip, and nodejs’s imagemagick.
Since Zenphoto may use PHP Imagick for image processing you might be affected as well especially if you let third parties upload images to your site.
Since this a server side extension (...)