2 matches found
CVE-2026-34740
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the EPG Electronic Program Guide link feature in AVideo allows authenticated users with upload permissions to store arbitrary URLs that the server fetches on every EPG page visit. The URL is validated only with PHP's...
PT-2026-29367
Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and earlier Description AVideo, an open source video platform, contains a stored server-side request forgery SSRF issue in the Electronic Program Guide EPG link feature. Authenticated users with upload permissions can stor...