Lucene search
K

232 matches found

CNNVD
CNNVD
added 2022/08/16 12:0 a.m.4 views

WWBN AVideo SQL注入漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. WWBN AVideo version 11.6 suffers from a SQL injection vulnerability that stems from a sql injection vulnerability in the ObjectYPT function. An attacker can use this vulnerability to cause an sql injection via a specially...

8.8CVSS8AI score0.00973EPSS
Exploits0References4
NVD
NVD
added 2021/02/01 4:15 p.m.26 views

CVE-2021-21286

AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables an ordinary user to get admin control. This is fixed in version 10.2. All queries now remove the...

8.8CVSS7.8AI score0.0077EPSS
Exploits0References2
Prion
Prion
added 2021/02/01 4:15 p.m.14 views

Authorization

AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables an ordinary user to get admin control. This is fixed in version 10.2. All queries now remove the...

6.5CVSS8.5AI score0.0077EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/02/01 3:25 p.m.28 views

CVE-2021-21286 Authorization Bypass in AVideo Platform

AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables an ordinary user to get admin control. This is fixed in version 10.2. All queries now remove the...

7.7CVSS8.7AI score0.0077EPSS
Exploits0References2
CVE
CVE
added 2021/02/01 3:25 p.m.51 views

CVE-2021-21286

CVE-2021-21286 affects AVideo Platform (self-hosted video platform). The vulnerability is an authorization bypass present in versions before 10.2 that could let an ordinary user gain admin control. The issue is fixed in version 10.2, with changes that remove the pass hash and the recoverPass hash...

8.8CVSS8.1AI score0.0077EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/02/01 12:0 a.m.7 views

Wwbn Avideo Permission License and Access Control Issues Vulnerability

Wwbn Avideo is a video platform builder written in PHP by the Wwbn WWBN team. AVideo Platform suffers from a Permission Permission and Access Control Issues vulnerability that stems from an authorization bypass vulnerability that could allow a normal user to gain administrative control...

8.8CVSS7.3AI score0.0077EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2020/02/05 12:0 a.m.92 views

AVideo Platform 8.1 User Enumeration

Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/02/05 12:0 a.m.140 views

AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset) Vulnerability

Exploit for jsp platform in category web applications Exploit Title: AVideo Platform 8.1 - Cross Site Request Forgery Password Reset Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...

Exploits0
exploitpack
exploitpack
added 2020/02/05 12:0 a.m.15 views

AVideo Platform 8.1 - Information Disclosure (User Enumeration)

AVideo Platform 8.1 - Information Disclosure User Enumeration Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested...

7.2AI score
Exploits0
0day.today
0day.today
added 2020/02/05 12:0 a.m.196 views

AVideo Platform 8.1 - Information Disclosure (User Enumeration) Vulnerability

Exploit for jsp platform in category web applications Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/05 12:0 a.m.148 views

AVideo Platform 8.1 - Information Disclosure (User Enumeration)

Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/05 12:0 a.m.128 views

AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)

Exploit Title: AVideo Platform 8.1 - Cross Site Request Forgery Password Reset Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...

7AI score
Exploits0
Rows per page
Query Builder