9 matches found
CVE-2025-60500
QDocs Smart School Management System 7.1 contains a logic flaw in the media upload feature that lets authenticated users with roles such as accountant or admin bypass file type restrictions by abusing the alternate YouTube URL option. This enables uploading arbitrary PHP files that are stored in ...
CVE-2025-62185
In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...
CVE-2025-62185
In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...
CVE-2025-62185
In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...
EUVD-2025-32879
In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...
CVE-2025-62185
In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...
Improper Validation of Syntactic Correctness of Input
Overview transformers is a State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input via improper handling of user-supplied URLs by using the startswith method in imageutils.py. An...
CVE-2022-23543 HTML attributes when attaching a YouTube link to the post
Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped...
CVE-2022-23543 HTML attributes when attaching a YouTube link to the post
Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped...