CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

PT-2026-5929

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

EUVD-2025-206727

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

MediaCrush up to version 1.0.1 is affected by an unauthenticated remote file upload vulnerability at the /upload endpoint, enabling attackers to upload arbitrary file sizes. Root cause details are not provided in the sources. No explicit mitigation or patches are described in the available docume...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-13803

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803 MediaCrush Header paths.py http headers for scripting syntax

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803 MediaCrush Header paths.py http headers for scripting syntax

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803

MediaCrush 1.0.0/1.0.1 contains a vulnerability in the Header Handler component (unknown function in /mediacrush/paths.py) where manipulation of the Host argument leads to improper neutralization of HTTP headers for scripting syntax. The issue can be triggered remotely. CVSS scores vary by versio...

EUVD-2025-199947

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

MediaCrush 安全漏洞

MediaCrush is a media hosting and sharing platform from the Israeli company MediaCrush. A security vulnerability exists in MediaCrush versions 1.0.0 and 1.0.1, which stems from the incorrect manipulation of the parameter Host in the file /mediacrush/paths.py, which could lead to improper...

PT-2025-48407

Name of the Vulnerable Software and Affected Versions MediaCrush versions 1.0.0 through 1.0.1 Description A flaw exists in MediaCrush that involves improper neutralization of HTTP headers for scripting syntax. This issue is located within an unknown function of the /mediacrush/paths.py file, part...