455 matches found
EUVD-2025-38242
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...
CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...
CVE-2025-64339
Summary: ClipBucket v5 is affected by a stored XSS in the Manage Playlists feature, specifically in the Playlist Name field, for versions 5.5.2-#146 and below. An authenticated, low-privileged user can create a playlist with a malicious name that renders HTML/JavaScript unescaped on playlist deta...
CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...
CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...
EUVD-2025-38244
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...
CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...
CVE-2025-64336
Summary: ClipBucket v5 (versions 5.5.2-#146 and earlier) is vulnerable to a stored XSS via the Photo Title in the Admin → Manage Photos feature. An authenticated regular user can upload a photo with HTML/JavaScript code in the title, which is rendered unsafely in the administrator’s Manage Photos...
CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...
CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...
CVE-2025-64114
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...
ClipBucket V5 安全漏洞
ClipBucket V5 is a video hosting platform for MacWarrior individual developers. A security vulnerability exists in ClipBucket V5. An attacker exploiting this vulnerability could perform operations with elevated privileges...
ClipBucket V5 安全漏洞
ClipBucket V5 is a video hosting platform for MacWarrior individual developers. A security vulnerability exists in ClipBucket V5 5.5.2-146 and prior versions, which stems from the Manage Photos feature mishandling the Photo Title parameter, which could lead to a stored cross-site scripting attack...
PT-2025-45407
Name of the Vulnerable Software and Affected Versions ClipBucket versions 5.5.2-146 and below Description ClipBucket is a video sharing platform. A stored Cross-site Scripting XSS issue exists in the Manage Photos feature. An authenticated regular user can upload a photo with a malicious Photo...
ClipBucket V5 跨站脚本漏洞
ClipBucket V5 is a video hosting platform for MacWarrior individual developers. A cross-site scripting vulnerability exists in ClipBucket V5 5.5.2-146 and prior versions, which stems from the Playlist Name field not being properly cleaned and escaped, and could lead to a stored cross-site scripti...
PT-2025-45408
Name of the Vulnerable Software and Affected Versions ClipBucket versions 5.5.2-146 and below Description ClipBucket is a video sharing platform. Versions 5.5.2-146 and below have a stored Cross-site Scripting XSS issue in the Manage Playlists feature. Specifically, the Playlist Name field allows...
CVE-2025-64114
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...
ClipBucket SQL注入漏洞
ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A SQL injection vulnerability exists in ClipBucket v5 versions 5.5.2 through 151 and earlier, which originates from a certified administrator with plugin management...
CVE-2025-64114 ClipBucket v5: SQL Injection possible through ClipBucket Custom Fields plugin
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - 151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields plugin. The vulnerabilities require the Custom...
CVE-2025-64114
Summary: ClipBucket v5 (versions 5.5.2 and earlier) is vulnerable to an SQL injection through the ClipBucket Custom Fields plugin. The issue requires an authenticated administrator with plugin-management privileges and access to the Custom Fields plugin to execute arbitrary SQL against the databa...