CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

PT-2026-5929

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

EUVD-2025-206727

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

CVE-2025-61506

MediaCrush up to version 1.0.1 is affected by an unauthenticated remote file upload vulnerability at the /upload endpoint, enabling attackers to upload arbitrary file sizes. Root cause details are not provided in the sources. No explicit mitigation or patches are described in the available docume...

CVE-2025-13803

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

EUVD-2025-199947

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803 MediaCrush Header paths.py http headers for scripting syntax

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803 MediaCrush Header paths.py http headers for scripting syntax

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

CVE-2025-13803

MediaCrush 1.0.0/1.0.1 contains a vulnerability in the Header Handler component (unknown function in /mediacrush/paths.py) where manipulation of the Host argument leads to improper neutralization of HTTP headers for scripting syntax. The issue can be triggered remotely. CVSS scores vary by versio...

MediaCrush 安全漏洞

MediaCrush is a media hosting and sharing platform from the Israeli company MediaCrush. A security vulnerability exists in MediaCrush versions 1.0.0 and 1.0.1, which stems from the incorrect manipulation of the parameter Host in the file /mediacrush/paths.py, which could lead to improper...

PT-2025-48407

Name of the Vulnerable Software and Affected Versions MediaCrush versions 1.0.0 through 1.0.1 Description A flaw exists in MediaCrush that involves improper neutralization of HTTP headers for scripting syntax. This issue is located within an unknown function of the /mediacrush/paths.py file, part...