CVE-2025-55912

An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photouploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler...

CVE-2025-55912

An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photouploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler...

CVE-2025-55912

An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photouploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler...

PT-2025-38416

Name of the Vulnerable Software and Affected Versions ClipBucket versions prior to 5.5.0 Description An issue exists in ClipBucket that allows an unauthenticated attacker to upload arbitrary files via the photo uploader.php plupload endpoint due to missing access controls in the upload handler...

CVE-2025-55912

ClipBucket 5.5.0 and earlier versions are affected by an unauthenticated arbitrary file upload vulnerability in the plupload endpoint at photo_uploader.php due to missing access controls in the upload handler. Exploitation can lead to remote code execution by uploading crafted PHP files (as shown...

CVE-2025-55912

An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photouploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler...

ClipBucket 5.5.0 - Arbitrary File Upload

Exploit Title: ClipBucket 5.5.0 - Arbitrary File Upload Google Dork: N/A Date: 2025-09-11 Exploit Author: Mukundsinh Solanki r00td3str0y3r Vendor Homepage: https://clipbucket.com Software Link: https://github.com/MacWarrior/clipbucket-v5 Version: ------BOUND-- The file is uploaded without...

The vulnerability in the scripts beatsUploader.php, photoUploader.php, and editAccount.php of the ClipBucket video content management system allows a hacker to upload malicious files to the server.

The vulnerability of the ClipBucket video content management system’s scripts beatUploader.php, photoUploader.php, and editAccount.php can be exploited. Exploiting this vulnerability allows a malicious actor to upload malicious files to the server using parameters like name for beatUploader.php a...

CVE-2018-7665

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beatsuploader.php or actions/photouploader.php, or the coverPhoto parameter to editaccount.php...

ClipBucket Malicious File Upload Vulnerability

ClipBucket is an open source video sharing software developed by Arslan team. The software allows you to share videos to video sites and supports the lights off effect when watching a movie. A security vulnerability exists in versions prior to ClipBucket 4.0.0 Release 4902. An attacker could send...

CVE-2015-4673

Multiple cross-site scripting XSS vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via 1 the collectiondescription parameter to upload/managecollections.php in an addnew action or the 2 photodescription, 3 phototags, or 4 phototitle...

CVE-2015-4673

Multiple cross-site scripting XSS vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via 1 the collectiondescription parameter to upload/managecollections.php in an addnew action or the 2 photodescription, 3 phototags, or 4 phototitle...

WordPress Windows Desktop And iPhone Photo Uploader File Upload Vulnerability

WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability. Exploit Title : Wordpress plugin Windows Desktop and iPhone Photo Uploader arbitrary file upload vulnerbility Author : Manish Kishan Tanwar AKA error1046 Home Page :...

WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload

WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload Exploit Title : Wordpress plugin Windows Desktop and iPhone Photo Uploader arbitrary file upload vulnerbility Author : Manish Kishan Tanwar AKA error1046 Home Page :...

Windows Desktop And iPhone Photo Uploader <= 1.8 - File Upload

The i-dump-iphone-to-wordpress-photo-uploader WordPress plugin was affected by a File Upload security vulnerability...

WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload

Exploit Title : Wordpress plugin Windows Desktop and iPhone Photo Uploader arbitrary file upload vulnerbility Author : Manish Kishan Tanwar AKA error1046 Home Page : https://wordpress.org/plugins/i-dump-iphone-to-wordpress-photo-uploader/ Download Link :...

Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow - Ver2 (CVE-2008-0660)

Facebook is a social networking website which allows its users to publish their photos. The website publishes an ActiveX control, ImageUploader4.ocx, to assist photo uploading. A buffer overflow vulnerability exists in the Facebook Photo Uploader ActiveX control. The flaw is due to a boundary err...

Facebook Photo Uploader 4 ActiveX Control Buffer Overflow

No description provided by source. $Id: facebookextractiptc.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

Facebook Photo Uploader 4 - ActiveX Control Buffer Overflow (Metasploit)

$Id: facebookextractiptc.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow (CVE-2008-0660)

Facebook is a social networking website which allows its users to publish their photos. The website publishes an ActiveX control, ImageUploader4.ocx, to assist photo uploading. A buffer overflow vulnerability exists in the Facebook Photo Uploader ActiveX control. The flaw is due to a boundary err...