40 matches found
CVE-2026-50745
CVE-2026-50745 concerns Revive Adserver’s stats-video.php where user input is reflected due to missing sanitisation and unencoded URL parameters, arising from improper handling of the Smarty url helper. The HackerOne report confirms a reflected XSS vector in this script. No exploitation status or...
EUVD-2026-39605
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...
PT-2025-52614
Name of the Vulnerable Software and Affected Versions SeaCMS versions up to 13.3 Description A SQL injection issue exists in SeaCMS. The issue is located in the admin video.php file, specifically through manipulation of the e id argument within an unknown function. This allows for remote...
EUVD-2010-2467
Malware in sbrugna...
EUVD-2024-41071
Malicious code in bioql PyPI...
FoxCMS 注入漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS. FoxCMS 1.2.5 and previous versions exist injection vulnerability, the vulnerability stems from the file app/admin/controller/Video.php in the parameter ids of the wrong operation leads to SQL injection...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
CVE-2023-50470
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
SeaCMS cross-site scripting vulnerability (CNVD-2024-39583)
SeaCMS is a free, open source web content management system written in PHP by SeaCMS. The system has been designed primarily to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS version v13, which originates from a cross-site scripting vulnerability contained...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video.php. The CVE entry documents an XSS in SeaCMS v13 (admin-video.php) with a CVSS v3.1 base score 6.1 (MEDIUM). Exploitation details are not fully disclosed in the provided materials; CVSS suggests network access with user inter...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
CVE-2024-44683
Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...
PT-2024-31210 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: Seacms version 13 Description: The issue is related to Cross Site Scripting XSS via the admin-video.php endpoint. This allows for potential malicious script execution. No information is provided about the estimated number of potentially...
CVE-2024-0482
A vulnerability classified as critical has been found in Taokeyun up to 1.0.5. This affects the function index of the file application/index/controller/app/Video.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate...
CVE-2024-0482 Taokeyun HTTP POST Request Video.php index sql injection
A vulnerability classified as critical has been found in Taokeyun up to 1.0.5. This affects the function index of the file application/index/controller/app/Video.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate...
CVE-2024-0482
Summary of findings (CVE-2024-0482): Taokeyun up to 1.0.5 is affected by a vulnerability in the HTTP POST Request Handler, specifically the function index within Video.php. The issue arises from manipulating the parameter cid , leading to an SQL injection. The vulnerability is exploitable remotel...
PT-2024-15599 · Taokeyun · Taokeyun
Name of the Vulnerable Software and Affected Versions: Taokeyun versions up to 1.0.5 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting the function index of the file application/index/controller/app/Video.php. The manipulation of the c...
CVE-2023-50470
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-50470
Summary of CVE-2023-50470 : Multiple sources document a cross-site scripting (XSS) vulnerability in SeaCMS v12.8 affecting the component described as admin_Video.php or admin_ Video.php, allowing an attacker to inject arbitrary web scripts/HTML via a crafted payload. The issue stems from insuffic...