232 matches found
WWBN AVideo SQL注入漏洞
WWBN AVideo is a video platform builder written in PHP by the WWBN team. WWBN AVideo version 11.6 suffers from a SQL injection vulnerability that stems from a sql injection vulnerability in the ObjectYPT function. An attacker can use this vulnerability to cause an sql injection via a specially...
CVE-2021-21286
AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables an ordinary user to get admin control. This is fixed in version 10.2. All queries now remove the...
Authorization
AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables an ordinary user to get admin control. This is fixed in version 10.2. All queries now remove the...
CVE-2021-21286 Authorization Bypass in AVideo Platform
AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables an ordinary user to get admin control. This is fixed in version 10.2. All queries now remove the...
CVE-2021-21286
CVE-2021-21286 affects AVideo Platform (self-hosted video platform). The vulnerability is an authorization bypass present in versions before 10.2 that could let an ordinary user gain admin control. The issue is fixed in version 10.2, with changes that remove the pass hash and the recoverPass hash...
Wwbn Avideo Permission License and Access Control Issues Vulnerability
Wwbn Avideo is a video platform builder written in PHP by the Wwbn WWBN team. AVideo Platform suffers from a Permission Permission and Access Control Issues vulnerability that stems from an authorization bypass vulnerability that could allow a normal user to gain administrative control...
AVideo Platform 8.1 User Enumeration
Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...
AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset) Vulnerability
Exploit for jsp platform in category web applications Exploit Title: AVideo Platform 8.1 - Cross Site Request Forgery Password Reset Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...
AVideo Platform 8.1 - Information Disclosure (User Enumeration)
AVideo Platform 8.1 - Information Disclosure User Enumeration Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested...
AVideo Platform 8.1 - Information Disclosure (User Enumeration) Vulnerability
Exploit for jsp platform in category web applications Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...
AVideo Platform 8.1 - Information Disclosure (User Enumeration)
Exploit Title: AVideo Platform 8.1 - Information Disclosure User Enumeration Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...
AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)
Exploit Title: AVideo Platform 8.1 - Cross Site Request Forgery Password Reset Dork: N/A Date: 2020-02-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://avideo.com Software Link: https://github.com/WWBN/AVideo Version: 8.1 Tested on: Linux CVE: N/A POC: 1...