4 matches found
CVE-2021-25878
AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator...
CVE-2021-25878
creationtimestamp| type| source ---|---|--- 2021-11-01 15:21:27+00:00| seen| https://t.me/cibsecurity/31547...
CVE-2021-25878
AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator...
CVE-2021-25878
The CVE-2021-25878 entry concerns AVideo/YouPHPTube (versions 10.0 and earlier) and describes multiple reflected cross-site scripting vulnerabilities exposed via the videoName parameter. The underlying issue is a reflected XSS that allows a remote attacker to steal an administrator’s session cook...