3 matches found
CVE-2026-34374 AVideo has SQL Injection in Live_schedule::keyExists() via Unparameterized Stream Key
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the Liveschedule::keyExists method constructs a SQL query by interpolating a stream key directly into the query string without parameterization. This method is called as a fallback from LiveTransmition::keyExists...
EUVD-2026-16750
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the Liveschedule::keyExists method constructs a SQL query by interpolating a stream key directly into the query string without parameterization. This method is called as a fallback from LiveTransmition::keyExists...
PT-2026-28624
Name of the Vulnerable Software and Affected Versions WWBN AVideo versions up to and including 26.0 Description WWBN AVideo is an open source video platform. In versions up to and including 26.0, the Live schedule::keyExists method builds a SQL query by directly inserting a stream key into the...