Lucene search
GoogleOSV:CVE-2019-5116HistoryOct 25, 2019 - 6:15 p.m.
CVE-2019-5116
2019-10-2518:15:11
Google
osv.dev
2
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain configuration, access the underlying operating system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| youphptube | eq | 7.2 | |
| youphptube | eq | 7.3 | |
| youphptube | eq | 2.2 | |
| youphptube | eq | 2.4 | |
| youphptube | eq | 7.4 | |
| youphptube | eq | 5.0 | |
| youphptube | eq | 2.7 | |
| youphptube | eq | 7.5 | |
| youphptube | eq | 3.4 | |
| youphptube | eq | 4.0.1 |
Related
cve
cve
CVE-2019-5116
2019-10-25 18:15:11
prion
prion
Sql injection
2019-10-25 18:15:00
talos
talos
YouPHPTube /objects/videoAddNew.json.php SQL injection vulnerability
2019-10-17 00:00:00
cvelist
cvelist
CVE-2019-5116
2019-10-25 17:17:39
nvd
nvd
CVE-2019-5116
2019-10-25 18:15:11
talosblog
talosblog
Vulnerability Spotlight: Multiple vulnerabilities in YouPHPTube
2019-10-30 06:27:28