WWBN AVideo 路径遍历漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained a path traversal vulnerability. This vulnerability stemmed from the directory traversal fix in objects/aVideoEncoderReceiveImage.json.php, which only checked the U...

CVE-2023-49864

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the downloadURLimage parameter...

CVE-2023-49864

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the downloadURLimage parameter...

CVE-2023-49863

WWBN AVideo vulnerability CVE-2023-49863 affects the aVideoEncoderReceiveImage.json.php image upload handler. The issue arises from the downloadURL_webpimage parameter, where an attacker can supply a URL that traverses the server’s filesystem (via /videos/.. paths) to read arbitrary files, includ...

WWBN AVideo Security Breach

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A security vulnerability exists in WWBN AVideo, which originates from an information disclosure vulnerability in the image upload method of the aVideoEncoderReceiveImage.json.php page...

CVE-2022-32761

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...