7 matches found
CVE-2024-37620
PHPVOD v4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the id parameter at /view/admin/view.php...
CVE-2024-37620
PHPVOD v4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the id parameter at /view/admin/view.php...
PT-2024-27677 · Phpvod · Phpvod
Name of the Vulnerable Software and Affected Versions: PHPVOD version 4.0 Description: A reflected cross-site scripting XSS issue was found in PHPVOD. The issue is related to the id parameter at the "/view/admin/view.php" API endpoint. Recommendations: For PHPVOD version 4.0, avoid using the id...
CVE-2024-37620
PHPVOD v4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the id parameter at /view/admin/view.php...
CVE-2024-37620
CVE-2024-37620 affects PHPVOD v4.0, with a reflected XSS vulnerability in the id parameter of /view/admin/view.php. The issue arises from untrusted input reflected in the response, enabling script execution in the context of the victim’s browser. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I...
CVE-2024-37620
PHPVOD v4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the id parameter at /view/admin/view.php...
PHPVOD Cross-Site Scripting Vulnerability
PHPVOD is a PHPVOD open source application. It is used to build online video websites. A cross-site scripting vulnerability exists in PHPVOD v4.0, which originates from a cross-site scripting vulnerability contained in the id parameter in /view/admin/view.php...