5 matches found
CVE-2019-5121
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php...
CVE-2019-5121
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php...
CVE-2019-5121
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php...
CVE-2019-5121
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php...
CVE-2019-5121
YouPHPTube 7.6 contains authenticated SQL injection vulnerabilities in the /objects/pluginSwitch.json.php endpoint (parameter uuid, name, dir). TALOS documentation describes exploitable, authenticated SQL injections that could exfiltrate database data and, in certain configurations, access the OS...