Lucene search
K

6 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-58447

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the removevideo action of the playlist endpoint...

7.1CVSS0.00225EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/11/03 1:15 p.m.3 views

CVE-2023-5945

The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the responsivevideogallerywithlightboxvideomanagementfunc function. This makes it possible for unauthenticated attackers...

5.4CVSS5.7AI score0.00309EPSS
Exploits1References4Affected Software1
Hacker One
Hacker One
added 2020/10/06 1:22 a.m.35 views

TikTok: CSRF for deleting videos

A CSRF Cross Site Request Forgery vulnerability was reported on TikTok which could potentially be used by an attacker to delete other users' public videos if the user were to click a malicious link. This issue has since been resolved. We thank @luizviana for reporting this to our team and...

3.7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/01/08 10:2 a.m.4 views

Researchers Demonstrate How to Hack Any TikTok Account by Sending SMS

TikTok , the 3rd most downloaded app in 2019, is under intense scrutiny over users' privacy, censoring politically controversial content and on national-security grounds—but it's not over yet, as the security of billions of TikTok users would be now under question. The famous Chinese viral...

6AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2019/02/27 10:57 p.m.39 views

FTC Hits TikTok With Record $5.7 Million Fine Over Children’s Privacy

The social media app will pay $5.7 million to settle the allegations, and be required to delete videos uploaded by anyone under 13...

2.6AI score
Exploits0
Cvelist
Cvelist
added 2015/06/15 2:0 p.m.22 views

CVE-2015-4352

Cross-site request forgery CSRF vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors...

7.1AI score0.00649EPSS
Exploits0References3
Rows per page
Query Builder