Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:54 a.m.11 views

CVE-2024-6338

The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Thi...

8.8CVSS7.3AI score0.00509EPSS
Exploits0References1
Circl
Circl
added 2024/07/19 11:11 a.m.6 views

CVE-2024-6338

creationtimestamp| type| source ---|---|--- 2024-07-19 11:11:29+00:00| seen| https://t.me/cvedetector/1201...

8.8CVSS4.8AI score0.00509EPSS
Exploits0References1
NVD
NVD
added 2024/07/19 8:15 a.m.30 views

CVE-2024-6338

The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Thi...

8.8CVSS0.00509EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/19 7:36 a.m.33 views

CVE-2024-6338 FV Player <= 7.5.46.7212 - Authenticated (Subscriber+) SQL Injection via exclude Parameter

The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Thi...

8.8CVSS0.00509EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/19 7:36 a.m.15 views

CVE-2024-6338 FV Player <= 7.5.46.7212 - Authenticated (Subscriber+) SQL Injection via exclude Parameter

The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Thi...

8.8CVSS7.3AI score0.00509EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/07/19 12:0 a.m.11 views

WordPress FV Flowplayer Video Player Plugin <= 7.5.46.7212 is vulnerable to SQL Injection

Software FV Flowplayer Video Player Type Plugin Vulnerable versions = 7.5.46.7212 Fixed in 7.5.47.7212 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-6338 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 35cbf5adc214 Credits Arkadiusz Hydzik Required...

8.8CVSS6.8AI score0.00509EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder