CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7 matches found

RedhatCVE•added 2026/03/26 3:1 p.m.•2 views

CVE-2026-33717

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...

8.8CVSS5.8AI score0.00067EPSS

Exploits1References1

EUVD•added 2026/03/25 9:28 p.m.•2 views

EUVD-2026-14504

AVideo: Remote Code Execution via PHP Temp File in Encoder downloadURL...

8.8CVSS5.9AI score0.00067EPSS

Exploits1References3

Github Security Blog•added 2026/03/25 9:28 p.m.•4 views

AVideo: Remote Code Execution via PHP Temp File in Encoder downloadURL

Summary The downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing an invalid resolution parameter, an attacker triggers an early die via...

8.8CVSS6.7AI score0.00067EPSS

Exploits1References4Affected Software1

NVD•added 2026/03/23 7:16 p.m.•1 views

CVE-2026-33717

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...

8.8CVSS0.00067EPSS

Exploits1References2

OSV•added 2026/03/23 6:48 p.m.•1 views

CVE-2026-33717 AVideo Vulnerable to Remote Code Execution via Persistent PHP Temp File in Encoder downloadURL with Resolution Validation Abort

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...

8.8CVSS5.9AI score0.00067EPSS

Exploits1References4

Vulnrichment•added 2026/03/23 6:48 p.m.•1 views

CVE-2026-33717 AVideo Vulnerable to Remote Code Execution via Persistent PHP Temp File in Encoder downloadURL with Resolution Validation Abort

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...

8.8CVSS5.8AI score0.00067EPSS

Exploits1References2

ATTACKERKB•added 2026/03/23 6:48 p.m.•2 views

CVE-2026-33717

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...

8.8CVSS5.8AI score0.00067EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by