CVE-2023-25699

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15...

EUVD-2025-5379

Malicious code in bioql PyPI...

EUVD-2023-29609

Malicious code in bioql PyPI...

CVE-2025-26752

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Path Traversal.This issue affects Broadcast Live Video: from n/a through = 6.2...

CVE-2025-26753

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Path Traversal.This issue affects Broadcast Live Video: from n/a through = 6.2...

CVE-2025-26753

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Path Traversal.This issue affects Broadcast Live Video: from n/a through = 6.2...

CVE-2025-26752

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Path Traversal.This issue affects Broadcast Live Video: from n/a through = 6.2...

CVE-2025-26753 WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in videowhisper Broadcast Live Video videowhisper-live-streaming-integration allows Path Traversal.This issue affects Broadcast Live Video: from n/a through = 6.2...

CVE-2025-26753

CVE-2025-26753 describes an Arbitrary File Download vulnerability in WordPress VideoWhisper Live Streaming Integration plugin, affecting versions n/a through 6.2. The issue stems from improper restriction of a pathname, enabling path traversal and potential unauthorized file access. Public refere...

CVE-2025-26752

CVE-2025-26752 describes a path traversal vulnerability in the WordPress plugin VideoWhisper Live Streaming Integration (versions n/a through 6.2). The root cause is improper limitation of a pathname to a restricted directory, enabling traversal to unrelated files. Public reports across multiple ...

WordPress plugin VideoWhisper Live Streaming Integration 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exis...

PT-2025-7827 · Unknown · Videowhisper Live Streaming Integration

Name of the Vulnerable Software and Affected Versions: VideoWhisper Live Streaming Integration versions n/a through 6.2 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal'. This allows unauthorized access to files and...

CVE-2023-25699

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15...

CVE-2023-25699 WordPress VideoWhisper Live Streaming Integration plugin <= 5.5.15 - Remote Code Execution (RCE)

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15...

WordPress Plugin VideoWhisper Live Streaming Integration 操作系统命令注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress Plugin VideoWhisper Live Streaming...

Unrestricted file upload

Unrestricted file upload vulnerability in ls/vwsnapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and then accessing the file via a direct request to a...

CVE-2014-4569

Cross-site scripting XSS vulnerability in ls/vvlogin.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomname parameter...

CVE-2014-1906

Multiple cross-site scripting XSS vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 m parameter to lbstatus.php; 2 msg parameter to vcchatlog.php; n parameter to 3 channel.php, ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 m parameter to lbstatus.php; 2 msg parameter to vcchatlog.php; n parameter to 3 channel.php, ...

CVE-2014-1907

Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to 1 read arbitrary files via a .. dot dot in the s parameter to ls/rtmplogin.php or 2 delete arbitrary files via a .. dot dot in the s parameter t...