2 matches found
CVE-2022-33149
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the CloneSite plugi...
CVE-2022-33149
WWBN AVideo 11.6 and dev master commit 3f7c0364 contain a SQL injection in the ObjectYPT data handling (unsanitized inputs in save paths). Talos confirms CVE-2022-33149 and related disclosures across Live_schedule and CloneSite plugins, with PoCs showing injection via fields such as duration, tit...