Lucene search
K

455 matches found

EUVD
EUVD
added 2025/11/07 5:12 a.m.7 views

EUVD-2025-38242

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...

8.6CVSS5.9AI score0.00248EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/07 5:12 a.m.5 views

CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...

8.6CVSS6AI score0.00248EPSS
Exploits1References2
CVE
CVE
added 2025/11/07 5:12 a.m.16 views

CVE-2025-64339

Summary: ClipBucket v5 is affected by a stored XSS in the Manage Playlists feature, specifically in the Playlist Name field, for versions 5.5.2-#146 and below. An authenticated, low-privileged user can create a playlist with a malicious name that renders HTML/JavaScript unescaped on playlist deta...

8.6CVSS6AI score0.00248EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/11/07 5:12 a.m.8 views

CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...

8.6CVSS6.4AI score0.00248EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/07 5:12 a.m.13 views

CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...

8.6CVSS0.00248EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/07 4:32 a.m.7 views

EUVD-2025-38244

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...

8.6CVSS6.1AI score0.00282EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/11/07 4:32 a.m.12 views

CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...

8.6CVSS0.00282EPSS
Exploits1References3
CVE
CVE
added 2025/11/07 4:32 a.m.29 views

CVE-2025-64336

Summary: ClipBucket v5 (versions 5.5.2-#146 and earlier) is vulnerable to a stored XSS via the Photo Title in the Admin → Manage Photos feature. An authenticated regular user can upload a photo with HTML/JavaScript code in the title, which is rendered unsafely in the administrator’s Manage Photos...

8.6CVSS6.2AI score0.00282EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/07 4:32 a.m.6 views

CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...

8.6CVSS6.2AI score0.00282EPSS
Exploits1References3
OSV
OSV
added 2025/11/07 4:32 a.m.9 views

CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...

8.6CVSS6.6AI score0.00282EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/07 12:19 a.m.12 views

CVE-2025-64114

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...

6.5CVSS8AI score0.00385EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.3 views

ClipBucket V5 安全漏洞

ClipBucket V5 is a video hosting platform for MacWarrior individual developers. A security vulnerability exists in ClipBucket V5. An attacker exploiting this vulnerability could perform operations with elevated privileges...

9CVSS6.6AI score0.00396EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.7 views

ClipBucket V5 安全漏洞

ClipBucket V5 is a video hosting platform for MacWarrior individual developers. A security vulnerability exists in ClipBucket V5 5.5.2-146 and prior versions, which stems from the Manage Photos feature mishandling the Photo Title parameter, which could lead to a stored cross-site scripting attack...

8.6CVSS5.8AI score0.00282EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.9 views

PT-2025-45407

Name of the Vulnerable Software and Affected Versions ClipBucket versions 5.5.2-146 and below Description ClipBucket is a video sharing platform. A stored Cross-site Scripting XSS issue exists in the Manage Photos feature. An authenticated regular user can upload a photo with a malicious Photo...

8.6CVSS6.3AI score0.00282EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.7 views

ClipBucket V5 跨站脚本漏洞

ClipBucket V5 is a video hosting platform for MacWarrior individual developers. A cross-site scripting vulnerability exists in ClipBucket V5 5.5.2-146 and prior versions, which stems from the Playlist Name field not being properly cleaned and escaped, and could lead to a stored cross-site scripti...

8.6CVSS5.8AI score0.00248EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.11 views

PT-2025-45408

Name of the Vulnerable Software and Affected Versions ClipBucket versions 5.5.2-146 and below Description ClipBucket is a video sharing platform. Versions 5.5.2-146 and below have a stored Cross-site Scripting XSS issue in the Manage Playlists feature. Specifically, the Playlist Name field allows...

8.6CVSS6.3AI score0.00248EPSS
Exploits1References7
NVD
NVD
added 2025/11/06 12:15 a.m.7 views

CVE-2025-64114

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...

6.5CVSS0.00385EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.5 views

ClipBucket SQL注入漏洞

ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A SQL injection vulnerability exists in ClipBucket v5 versions 5.5.2 through 151 and earlier, which originates from a certified administrator with plugin management...

6.5CVSS8.3AI score0.00385EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/05 11:30 p.m.4 views

CVE-2025-64114 ClipBucket v5: SQL Injection possible through ClipBucket Custom Fields plugin

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...

6.5CVSS7.5AI score0.00385EPSS
Exploits1References3
CVE
CVE
added 2025/11/05 11:30 p.m.14 views

CVE-2025-64114

Summary: ClipBucket v5 (versions 5.5.2 and earlier) is vulnerable to an SQL injection through the ClipBucket Custom Fields plugin. The issue requires an authenticated administrator with plugin-management privileges and access to the Custom Fields plugin to execute arbitrary SQL against the databa...

6.5CVSS7.5AI score0.00385EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder