This vulnerability in DigiWidgets Image Editor (<= 1.10) allows an attacker to perform remote code inclusion due to improper control over code generation. The flaw enables execution of arbitrary code on the affected system without requiring privileges or user interaction. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) reflects a network attack vector with low complexity, no privileges or user interaction needed, and complete impact on system confidentiality, integrity, and availability. No patch or vendor advisory is currently available to confirm remediation status.

Successful exploitation can lead to full system compromise, including unauthorized disclosure, modification, and destruction of data. The vulnerability allows remote attackers to execute arbitrary code, potentially taking full control of affected systems running DigiWidgets Image Editor versions up to 1.10. This poses a critical risk to affected environments.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider restricting network access to systems running DigiWidgets Image Editor and monitor for suspicious activity related to this product. Avoid exposing the application to untrusted networks.