2 matches found
CVE-2026-41304
WWBN AVideo is an open source video platform. In versions 29.0 and below, the cloneServer.json.php endpoint in the CloneSite plugin constructs shell commands using user-controlled input url parameter without proper sanitization. The input is directly concatenated into a wget command executed via...
CVE-2026-41304
creationtimestamp| type| source ---|---|--- 2026-04-15 14:35:01+00:00| published-proof-of-concept| https://github.com/WWBN/AVideo/security/advisories/GHSA-xr6f-h4x7-r6qp 2026-04-22 01:19:46+00:00| seen| Telegram/K73t--MeF8g6jG3bb2C-tygRugHSGj3gpQqllzPf61swe44 2026-04-22 02:22:08+00:00| seen|...