Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/03/27 6:11 p.m.3 views

CVE-2026-34364 AVideo has User Group-Based Category Access Control Bypass via Missing and Broken Group Filtering in categories.json.php

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the categories.json.php endpoint, which serves the category listing API, fails to enforce user group-based access controls on categories. In the default request path no ?user= parameter, user group filtering is...

5.3CVSS5.8AI score0.00319EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/27 6:11 p.m.23 views

CVE-2026-34364 AVideo has User Group-Based Category Access Control Bypass via Missing and Broken Group Filtering in categories.json.php

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the categories.json.php endpoint, which serves the category listing API, fails to enforce user group-based access controls on categories. In the default request path no ?user= parameter, user group filtering is...

5.3CVSS0.00319EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 6:11 p.m.5 views

CVE-2026-34364

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the categories.json.php endpoint, which serves the category listing API, fails to enforce user group-based access controls on categories. In the default request path no ?user= parameter, user group filtering is...

5.3CVSS5.8AI score0.00319EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/27 6:11 p.m.2 views

CVE-2026-34364 AVideo has User Group-Based Category Access Control Bypass via Missing and Broken Group Filtering in categories.json.php

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the categories.json.php endpoint, which serves the category listing API, fails to enforce user group-based access controls on categories. In the default request path no ?user= parameter, user group filtering is...

5.3CVSS5.8AI score0.00319EPSS
Exploits1References4
Rows per page
Query Builder