WWBN AVideo 命令注入漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained a command injection vulnerability. This vulnerability stemmed from improper cleanup during the construction of shell commands using user-controlled url parameters ...

PT-2026-34227

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions 29.0 and earlier Description The CloneSite plugin contains a flaw where the 'cloneServer.json.php' endpoint constructs shell commands using the url parameter without proper sanitization. This input is directly concatenated...

WWBN AVideo 路径遍历漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a path traversal vulnerability. This vulnerability stemmed from the deleteDump parameter in the cloneServer.json.php file being passed directly to the unlink...

Directory Traversal

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Directory Traversal via the deleteDump parameter in cloneServer.json.php. An attacker can delete arbitrary files on the server, including critical configuration an...