2 matches found
CVE-2019-5119
An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltrati...
CVE-2019-5119
CVE-2019-5119 affects YouPHPTube 7.6 with an authenticated SQL injection in /objects/subscribeNotify.json.php (user_id parameter) that can exfiltrate data and, in some configurations, access the OS. Talos/Red Hat and related advisories report multiple SQLi vulnerabilities across YouPHPTube 7.6/7....