CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint...

EUVD-2025-199947

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be...

PT-2025-48407

Name of the Vulnerable Software and Affected Versions MediaCrush versions 1.0.0 through 1.0.1 Description A flaw exists in MediaCrush that involves improper neutralization of HTTP headers for scripting syntax. This issue is located within an unknown function of the /mediacrush/paths.py file, part...

MediaCrush 安全漏洞

MediaCrush is a media hosting and sharing platform from the Israeli company MediaCrush. A security vulnerability exists in MediaCrush versions 1.0.0 and 1.0.1, which stems from the incorrect manipulation of the parameter Host in the file /mediacrush/paths.py, which could lead to improper...