CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

CVE•added 2025/12/17 7:49 p.m.•6 views

CVE-2025-34439

Summary: CVE-2025-34439 affects AVideo versions prior to 20.1, with an open redirect flaw during user login due to missing validation of the cancelUri parameter. What’s affected: AVideo before version 20.1. Root cause: Lack of input validation on cancelUri during login, enabling an attacker to cr...

6.1CVSS6.4AI score0.00031EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2025/12/17 7:49 p.m.•2 views

CVE-2025-34439 AVideo < 20.1 Open Redirect via cancelUri Parameter

AVideo versions prior to 20.1 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parameter during user login. An attacker can craft a link to redirect users to arbitrary external sites, enabling phishing attacks...

4.8CVSS6.4AI score0.00031EPSS

Exploits0References4

EUVD•added 2025/12/17 7:49 p.m.•1 views

EUVD-2025-203950

AVideo versions prior to 20.0 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parameter during user login. An attacker can craft a link to redirect users to arbitrary external sites, enabling phishing attacks...

4.8CVSS6.3AI score0.00031EPSS

Exploits0References4

Talos•added 2025/07/24 12:0 a.m.•3 views

WWBN AVideo LoginWordPress loginForm cancelUri parameter cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2208 WWBN AVideo LoginWordPress loginForm cancelUri parameter cross-site scripting XSS vulnerability July 24, 2025 CVE Number CVE-2025-36548 SUMMARY A cross-site scripting xss vulnerability exists in the LoginWordPress loginForm cancelUri parameter...

9.6CVSS5.5AI score0.00703EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by