Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday210 views

YouPHPTube Encoder 2.3 - Remote Command Injection

YouPHPTube Encoder 2.3 is susceptible to a command injection vulnerability which could allow an attacker to compromise the server. These exploitable unauthenticated command injections exist via the parameter base64Url in /objects/getImage.php. id: CVE-2019-5127 info: name: YouPHPTube Encoder 2.3 ...

10CVSS7AI score0.45302EPSS
Exploits1References5
Circl
Circl
added 2024/01/29 9:41 a.m.163 views

CVE-2019-5127

creationtimestamp| type| source ---|---|--- 2024-01-29 09:41:37+00:00| seen| https://t.me/ctinow/175122 2024-05-22 06:15:17+00:00| seen| https://t.me/CyberSecurityTechnologies/2661 2024-12-22 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-22 2024-12-26...

10CVSS7.3AI score0.45302EPSS
In wildExploits1References5
Check Point Advisories
Check Point Advisories
added 2020/02/25 12:0 a.m.84 views

YouPHPTube Encoder Command Injection (CVE-2019-5127; CVE-2019-5128; CVE-2019-5129)

A command injection vulnerability exists in YouPHPTube Encoder. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS4.8AI score0.45302EPSS
Exploits3
CVE
CVE
added 2019/10/25 5:12 p.m.189 views

CVE-2019-5127

YouPHPTube Encoder 2.3 is vulnerable to unauthenticated command injections via the base64Url parameter in /objects/getImage.php (also seen in related endpoints such as getImageMP4.php and getSpiritsFromVideo.php). Exploitation can lead to remote code execution and full server compromise. The TALO...

10CVSS9.7AI score0.45302EPSS
In wildExploits1References1Affected Software1
Talos
Talos
added 2019/10/17 12:0 a.m.121 views

YouPHPTube Encoder base64Url multiple command injections

Summary Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific...

10CVSS9.9AI score0.45302EPSS
Exploits3
Rows per page
Query Builder