Lucene search
K

422 matches found

NVD
NVD
added 2026/04/21 11:16 p.m.14 views

CVE-2026-41057

WWBN AVideo is an open source video platform. In versions 29.0 and below, the CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/ endpoints: 1 plugin/API/router.php lines 4-8...

7.1CVSS0.00132EPSS
Exploits1References2
NVD
NVD
added 2026/04/21 11:16 p.m.8 views

CVE-2026-40928

WWBN AVideo is an open source video platform. In versions 29.0 and prior, multiple AVideo JSON endpoints under objects/ accept state-changing requests via $REQUEST/$GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious...

5.4CVSS0.00115EPSS
Exploits1References2
NVD
NVD
added 2026/04/21 11:16 p.m.7 views

CVE-2026-40935

WWBN AVideo is an open source video platform. In versions 29.0 and prior, objects/getCaptcha.php accepts the CAPTCHA length ql directly from the query string with no clamping or sanitization, letting any unauthenticated client force the server to generate a 1-character CAPTCHA word. Combined with...

5.3CVSS0.00218EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 11:4 p.m.6 views

CVE-2026-41064

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

9.3CVSS5.7AI score0.00335EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/04/21 10:59 p.m.15 views

CVE-2026-41063

CVE-2026-33500 / CVE-2026-41063 (AVideo) : In versions up to 26.0, WWBN AVideo’s custom ParsedownSafeWithLinks sanitizes raw HTML but does not override inlineLink() and inlineUrlTag() in the base Parsedown, so markdown links using [text](javascript:…) or bypass sanitization. Public docs confirm ...

5.4CVSS5.7AI score0.00218EPSS
Exploits2References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:59 p.m.5 views

CVE-2026-41063

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink or inlineUrlTag, allowing javascript: URLs in markdown link syntax to bypass sanitization...

5.4CVSS5.7AI score0.00216EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2026/04/21 10:59 p.m.34 views

CVE-2026-41063 WWBN AVideo has incomplete fix for CVE-2026-33500 (XSS)

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink or inlineUrlTag, allowing javascript: URLs in markdown link syntax to bypass sanitization...

5.4CVSS0.00216EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2026/04/21 10:49 p.m.5 views

CVE-2026-41061 WWBN AVideo Vulnerable to stored XSS via Unanchored Duration Regex in Video Encoder Receiver

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isValidDuration regex at objects/video.php:918 uses /^0-91,2:0-91,2:0-91,2/ without a $ end anchor, allowing arbitrary HTML/JavaScript to be appended after a valid duration prefix. The crafted duration is stored in the...

5.4CVSS5.4AI score0.00173EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:49 p.m.3 views

CVE-2026-41061

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isValidDuration regex at objects/video.php:918 uses /^0-91,2:0-91,2:0-91,2/ without a $ end anchor, allowing arbitrary HTML/JavaScript to be appended after a valid duration prefix. The crafted duration is stored in the...

5.4CVSS5.4AI score0.00173EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:44 p.m.4 views

CVE-2026-41060

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...

7.7CVSS5.9AI score0.003EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/21 10:25 p.m.2 views

CVE-2026-41055 AVideo has an incomplete fix for CVE-2026-33039 (SSRF)

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

8.6CVSS5.7AI score0.00453EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:25 p.m.6 views

CVE-2026-41055

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

8.6CVSS5.8AI score0.00377EPSS
Exploits2References5Affected Software1
EUVD
EUVD
added 2026/04/21 10:25 p.m.5 views

EUVD-2026-24529

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

8.6CVSS5.8AI score0.00377EPSS
Exploits2References4
CVE
CVE
added 2026/04/21 10:25 p.m.19 views

CVE-2026-41055

Summary: CVE-2026-41055 (and related CVE-2026-33039) affect WWBN AVideo’s LiveLinks proxy. In versions ≤ 29.0, an incomplete fix to SSRF validation uses isSSRFSafeURL() for the initial URL but does not re-validate after DNS resolution or redirects, enabling DNS TOCTOU/ DNS rebinding between valid...

8.6CVSS5.7AI score0.00453EPSS
Exploits2References4Affected Software1
EUVD
EUVD
added 2026/04/21 10:21 p.m.3 views

EUVD-2026-24527

WWBN AVideo is an open source video platform. In versions 29.0 and prior, objects/getCaptcha.php accepts the CAPTCHA length ql directly from the query string with no clamping or sanitization, letting any unauthenticated client force the server to generate a 1-character CAPTCHA word. Combined with...

5.3CVSS5.8AI score0.00218EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/21 10:16 p.m.7 views

EUVD-2026-24525

WWBN AVideo is an open source video platform. In versions 29.0 and prior, objects/commentDelete.json.php is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call forbidIfIsUntrustedRequest, does not verify a CSRF/global token, and does not check...

5.4CVSS5.6AI score0.00113EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:16 p.m.5 views

CVE-2026-40929

WWBN AVideo is an open source video platform. In versions 29.0 and prior, objects/commentDelete.json.php is a state-mutating JSON endpoint that deletes comments but performs no CSRF validation. It does not call forbidIfIsUntrustedRequest, does not verify a CSRF/global token, and does not check...

5.4CVSS5.6AI score0.00113EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:14 p.m.7 views

CVE-2026-40928

WWBN AVideo is an open source video platform. In versions 29.0 and prior, multiple AVideo JSON endpoints under objects/ accept state-changing requests via $REQUEST/$GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious...

5.4CVSS5.7AI score0.00115EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/21 10:14 p.m.35 views

CVE-2026-40928 AVideo: Missing CSRF Protection on State-Changing JSON Endpoints Enables Forced Comment Creation, Vote Manipulation, and Category Asset Deletion

WWBN AVideo is an open source video platform. In versions 29.0 and prior, multiple AVideo JSON endpoints under objects/ accept state-changing requests via $REQUEST/$GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious...

5.4CVSS0.00115EPSS
Exploits1References2
CVE
CVE
added 2026/04/21 10:14 p.m.17 views

CVE-2026-40928

WWBN AVideo (versions ≤ 29.0) exposes state-changing JSON endpoints under objects/ without CSRF protection or origin/referer checks. A logged-in user can be coerced to perform actions via attacker-controlled HTML: like/dislike comments (objects/comments_like.json.php), post comments with attacker...

5.4CVSS5.7AI score0.00115EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder