CVE-2026-26005 ClipBucket v5 enables internal network scans via an SSRF vulnerability

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SS...

ClipBucket 代码问题漏洞

ClipBucket is an open-source PHP script developed by MacWarrior. It is available for free download and used to create video-sharing websites. Versions of ClipBucket prior to v5.5.3 had code vulnerabilities. These vulnerabilities stemmed from the remote playback feature, which allowed the creation...

EUVD-2025-4030

Malicious code in bioql PyPI...

EUVD-2022-33595

Malicious code in bioql PyPI...

CVE-2022-29235

BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker who is able to obtain the meeting identifier for a meeting on a server can find information related to an external video being shared, like the current timestamp...

CVE-2025-25097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through = 2.1.1...

CVE-2025-25097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through = 2.1.1...

CVE-2025-25097 WordPress External "Video for Everybody" plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kwiliarty External Video For Everybody allows Stored XSS. This issue affects External Video For Everybody: from n/a through 2.1.1...

CVE-2025-25097 WordPress External "Video for Everybody" plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through = 2.1.1...

CVE-2025-25097

CVE-2025-25097 is a stored XSS vulnerability in the WordPress plugin External Video For Everybody

WordPress plugin External Video For Everybody 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

BigBlueButton Information Disclosure Vulnerability (CNVD-2022-82640)

BigBlueButton is an open source Web conferencing system from the BigBlueButton community.BigBlueButton is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to find information related to an external video being shared...

CVE-2022-29235

BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker who is able to obtain the meeting identifier for a meeting on a server can find information related to an external video being shared, like the current timestamp...

Design/Logic Flaw

BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker who is able to obtain the meeting identifier for a meeting on a server can find information related to an external video being shared, like the current timestamp...

CVE-2022-29235 Limited data exposure for shared external videos in BigBlueButton

BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker who is able to obtain the meeting identifier for a meeting on a server can find information related to an external video being shared, like the current timestamp...

BigBlueButton 安全漏洞

BigBlueButton is an open source Web conferencing system from the BigBlueButton community.BigBlueButton is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to find information related to an external video being shared...

PT-2022-19485 · Unknown · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton versions 2.2 through 2.3.17 BigBlueButton versions 2.4-rc-1 through 2.4-rc-5 Description: BigBlueButton is an open source web conferencing system. An attacker who is able to obtain the meeting identifier for a meeting on a serve...

WordPress External Video For Everybody Plugin <= 2.0 - XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update plugin...

Vulnerabilities in multiple plugins for WordPress with VideoJS

Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites...

WordPress Video JS Cross Site Scripting

Hello list! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites a...