4 matches found
CVE-2022-33148
creationtimestamp| type| source ---|---|--- 2022-08-22 22:20:40+00:00| seen| https://t.me/cibsecurity/48536 2025-04-15 18:55:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11893...
CVE-2022-33148
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules...
CVE-2022-33148
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules...
CVE-2022-33148
CVE-2022-33148 affects WWBN AVideo 11.6 and dev master (ObjectYPT live schedules). The vulnerability arises from SQL injections in the Live Schedules plugin due to unsanitized inputs (e.g., title/description) being concatenated into SQL within ObjectYPT-based save operations, allowing attackers t...