49 matches found
AVideo Unauthenticated SQL Injection Credential Dump
AVideo use auxiliary/gather/avideocatnamesqli msf auxiliaryavideocatnamesqli show actions ...actions... msf auxiliaryavideocatnamesqli set ACTION msf auxiliaryavideocatnamesqli show options ...show and set options... msf auxiliaryavideocatnamesqli run This module requires Metasploit:...
CVE-2026-28501
WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a...
Malicious Package
Overview sap-catname is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
CVE-2026-28501
WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a...
CVE-2026-28501 WWBN AVideo: Unauthenticated SQL Injection via JSON Request Bypass in objects/videos.json.php
WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a...
CVE-2026-28501
WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a...
CVE-2026-28501 WWBN AVideo: Unauthenticated SQL Injection via JSON Request Bypass in objects/videos.json.php
WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a...
SQL Injection
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to SQL Injection via the catName parameter in JSON-formatted POST requests to objects/videos.json.php and objects/video.php. An attacker can execute arbitrary SQL...
Curfew e-Pass Management System edit-category-detail.php file cross-site scripting vulnerability
Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter catname in the file...
CVE-2025-12311
A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catname results in cross site scripting. The attack can be launched remotely. The exploit is now public...
CVE-2025-12311
A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catname results in cross site scripting. The attack can be launched remotely. The exploit is now public...
CVE-2025-12311 PHPGurukul Curfew e-Pass Management System edit-category-detail.php cross site scripting
A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catname results in cross site scripting. The attack can be launched remotely. The exploit is now public...
CVE-2025-12311
The CVE-2025-12311 entry relates to a cross-site scripting (XSS) flaw in PHPGurukul Curfew e-Pass Management System 1.0, caused by unsafely handling the catname argument in edit-category-detail.php. Technical sources from CNVD, RH, NVD/CVE records, CNNVD, and others confirm the vulnerability stem...
CVE-2025-12311 PHPGurukul Curfew e-Pass Management System edit-category-detail.php cross site scripting
A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catname results in cross site scripting. The attack can be launched remotely. The exploit is now public...
EUVD-2025-36345
A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catname results in cross site scripting. The attack can be launched remotely. The exploit is now public...
PHPGurukul Curfew e-Pass Management System 代码注入漏洞
Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter catname in the file...
EUVD-2006-6717
Malware in sbrugna...
EUVD-2006-2818
Malware in sbrugna...
EUVD-2006-3029
Malware in sbrugna...
EUVD-2019-19026
Malware in sbrugna...