CVE-2026-21875 ClipBucket v5 Vulnerable to Blind SQL Injection through Channel Comments

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-187 and below allow an attacker to perform Blind SQL Injection through the add comment section within a channel. When adding a comment within a channel, there is a POST request to the /actions/ajax.php endpoint. The objid...

CVE-2026-21875 ClipBucket v5 Vulnerable to Blind SQL Injection through Channel Comments

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-187 and below allow an attacker to perform Blind SQL Injection through the add comment section within a channel. When adding a comment within a channel, there is a POST request to the /actions/ajax.php endpoint. The objid...

CVE-2026-21875

CVE-2026-21875 affects ClipBucket v5 and earlier builds up to 5.5.2-#187. The vulnerability arises from a Blind SQL Injection in the channel comment flow: when a user submits a comment, a POST to /actions/ajax.php passes the obj_id parameter to functions in upload/includes/classes/user.class.php ...

CVE-2026-21875 ClipBucket v5 Vulnerable to Blind SQL Injection through Channel Comments

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-187 and below allow an attacker to perform Blind SQL Injection through the add comment section within a channel. When adding a comment within a channel, there is a POST request to the /actions/ajax.php endpoint. The objid...