CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Github Security Blog•added 2026/04/01 9:7 p.m.•2 views

AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter

Summary AVideo's video processing pipeline accepts an overrideStatus request parameter that allows any uploader to set a video's status to any valid state, including "active" a. This bypasses the admin-controlled moderation and draft workflows. The setStatus method validates the status code again...

4.3CVSS6.1AI score0.0001EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/03/31 8:55 p.m.•1 views

CVE-2026-34738 AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter

WWBN AVideo is an open source video platform. In versions 26.0 and prior, AVideo's video processing pipeline accepts an overrideStatus request parameter that allows any uploader to set a video's status to any valid state, including "active" a. This bypasses the admin-controlled moderation and dra...

4.3CVSS5.9AI score0.0001EPSS

Exploits1References1

OSV•added 2026/03/31 8:55 p.m.•0 views

CVE-2026-34738 AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter

4.3CVSS6AI score0.0001EPSS

Exploits1References3

CVE•added 2026/03/31 8:55 p.m.•2 views

CVE-2026-34738

CVE-2026-34738 affects WWBN AVideo (

4.3CVSS5.9AI score0.0001EPSS

Exploits1References1Affected Software1

CNNVD•added 2026/03/31 12:0 a.m.•2 views

WWBN AVideo 授权问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained an authorization vulnerability. This vulnerability stemmed from the lack of permission verification for the overrideStatus parameter in the video processing...

4.3CVSS5.8AI score0.0001EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by