Lucene search
K

81 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.10 views

CVE-2026-43877

WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the decoded bytes to videos/userPhoto/photo.png. Its only access control is User::isLogged. It does not...

5.4CVSS5.5AI score0.00121EPSS
Exploits0References1
NVD
NVD
added 2026/05/11 10:22 p.m.10 views

CVE-2026-43877

WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the decoded bytes to videos/userPhoto/photo.png. Its only access control is User::isLogged. It does not...

5.4CVSS0.00121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 8:34 p.m.31 views

CVE-2026-43877 WWBN AVideo: CSRF in userSavePhoto.php Allows Cross-Origin Overwrite of Any Logged-in User's Profile Photo with Arbitrary Bytes

WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the decoded bytes to videos/userPhoto/photo.png. Its only access control is User::isLogged. It does not...

5.4CVSS0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/05/11 8:34 p.m.13 views

CVE-2026-43877

CVE-2026-43877 (WWBN/AVideo) : CSRF in objects/userSavePhoto.php allows a logged‑in user’s profile photo to be overwritten with arbitrary bytes via a crafted cross‑origin POST, due to missing CSRF protection (the endpoint does not use the .json.php suffix and is excluded from autoCSRFGuard), no t...

5.4CVSS5.9AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 7:13 p.m.7 views

GHSA-JW8G-5J46-44RP AVideo: CSRF in userSavePhoto.php Allows Cross-Origin Overwrite of Authenticated Users' Profile Photos with Arbitrary Content

Summary objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the decoded bytes to videos/userPhoto/photo.png. Its only access control is User::isLogged. It does not end in .json.php, so it is excluded from the project's global autoCSRFGuard...

5.4CVSS6.1AI score0.00121EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/05 7:13 p.m.7 views

AVideo: CSRF in userSavePhoto.php Allows Cross-Origin Overwrite of Authenticated Users' Profile Photos with Arbitrary Content

Summary objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the decoded bytes to videos/userPhoto/photo.png. Its only access control is User::isLogged. It does not end in .json.php, so it is excluded from the project's global autoCSRFGuard...

5.4CVSS6.1AI score0.00121EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/05/05 7:13 p.m.7 views

Cross-site Request Forgery (CSRF)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the userSavePhoto.php process. An attacker can overwrite authenticated users' profile photos with arbitrary content and trigger...

5.4CVSS5.9AI score0.00121EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.9 views

PT-2026-37293

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.0 Description A Cross-Site Request Forgery CSRF issue exists in the legacy profile-photo endpoint "objects/userSavePhoto.php". The endpoint accepts a base64 POST parameter imgBase64 and writes the decoded bytes...

5.4CVSS5.8AI score0.00121EPSS
Exploits0References6
NVD
NVD
added 2026/02/03 11:16 p.m.13 views

CVE-2020-37084

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

8.6CVSS0.00814EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/03 10:9 p.m.4 views

CVE-2020-37084

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

8.6CVSS6.9AI score0.00814EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/03 10:9 p.m.28 views

CVE-2020-37084 School ERP Pro 1.0 Admin Profile Photo Upload Remote Code Execution Vulnerability

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

8.6CVSS0.00814EPSS
Exploits1References4
CVE
CVE
added 2026/02/03 10:9 p.m.14 views

CVE-2020-37084

CVE-2020-37084 affects School ERP Pro 1.0. An authenticated administrator can upload arbitrary PHP files as profile photos by bypassing file extension checks, via improper validation in pre-editstudent.inc.php, enabling remote code execution on the server. The vulnerability is tied to the admin p...

8.6CVSS6.9AI score0.00814EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 10:9 p.m.5 views

CVE-2020-37084 School ERP Pro 1.0 Admin Profile Photo Upload Remote Code Execution Vulnerability

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

8.6CVSS6.9AI score0.00814EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/23 6:19 a.m.6 views

CVE-2026-24034

Horilla is a free and open source Human Resource Management System HRMS. In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue...

5.4CVSS5.1AI score0.00222EPSS
Exploits1References1
NVD
NVD
added 2026/01/22 4:15 a.m.10 views

CVE-2026-24034

Horilla is a free and open source Human Resource Management System HRMS. In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue...

5.4CVSS0.00222EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/22 2:41 a.m.5 views

CVE-2026-24034

Horilla is a free and open source Human Resource Management System HRMS. In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue...

5.4CVSS5AI score0.00222EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/01/22 2:41 a.m.21 views

CVE-2026-24034

CVE-2026-24034 affects Horilla HRMS. In versions prior to 1.5.0, an XSS vulnerability can be triggered during profile photo update because the extension and content-type are not checked. The issue is fixed in 1.5.0. If you use Horilla, upgrade to 1.5.0 or later to mitigate. The provided sources c...

5.4CVSS5.1AI score0.00222EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/01/22 2:41 a.m.6 views

EUVD-2026-4214

Horilla is a free and open source Human Resource Management System HRMS. In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue...

5.4CVSS5.1AI score0.00222EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/22 2:41 a.m.3 views

CVE-2026-24034 Horilla has File Upload XSS

Horilla is a free and open source Human Resource Management System HRMS. In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue...

5.4CVSS5.1AI score0.00222EPSS
Exploits1References2
OSV
OSV
added 2026/01/22 2:41 a.m.5 views

CVE-2026-24034 Horilla has File Upload XSS

Horilla is a free and open source Human Resource Management System HRMS. In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue...

5.4CVSS5.2AI score0.00222EPSS
Exploits1References4
Rows per page
Query Builder