CVE-2026-33502 AVideo has Unauthenticated SSRF via plugin/Live/test.php

WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated server-side request forgery vulnerability in plugin/Live/test.php allows any remote user to make the AVideo server send HTTP requests to arbitrary URLs. This can be used to probe...

EUVD-2019-9107

Malware in sbrugna...

CVE-2019-19486

Local File Inclusion in minPlayCommand.php in Centreon 19.04.4 and below allows an attacker to traverse paths via a plugin test...

VulnCheck KEV: CVE-2020-24901

The default installation of Krpano Panorama Viewer version =1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugintest.url...

Malicious code in rnpm-plugin-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f03d81a04faa9dfa10b651fae3c79fc5a31a92a306baec577cf0253376b277b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5826 Malicious code in rnpm-plugin-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f03d81a04faa9dfa10b651fae3c79fc5a31a92a306baec577cf0253376b277b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in parcel-plugin-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ef2e3039d8e848c3a238d4518c7b994f9d2999e032bfa53ecffe34326985e8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5212 Malicious code in parcel-plugin-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ef2e3039d8e848c3a238d4518c7b994f9d2999e032bfa53ecffe34326985e8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2021-11080 · Unknown · Krpano Panorama Viewer

Name of the Vulnerable Software and Affected Versions: Krpano Panorama Viewer versions =1.20.8 Description: The issue is related to Reflected XSS due to insecure remote js load in the file viewer/krpano.html. The plugintest.url parameter is vulnerable. Recommendations: For Krpano Panorama Viewer...

CVE-2019-19486

Local File Inclusion in minPlayCommand.php in Centreon 19.04.4 and below allows an attacker to traverse paths via a plugin test...

CVE-2019-19486

Local File Inclusion in minPlayCommand.php in Centreon 19.04.4 and below allows an attacker to traverse paths via a plugin test...

Remote file inclusion

Local File Inclusion in minPlayCommand.php in Centreon 19.04.4 and below allows an attacker to traverse paths via a plugin test...

Command injection

Command Injection in minPlayCommand.php in Centreon 19.04.4 and below allows an attacker to achieve command injection via a plugin test...

CVE-2019-19486

CVE-2019-19486 is a Local File Inclusion in Centreon (minPlayCommand.php) affecting 19.04.4 and earlier. The vulnerability allows path traversal via a plugin test, enabling access to files outside the intended directory. Red Hat and NVD entries confirm the same description; CVSS metrics exist (CV...

CVE-2019-19486

Local File Inclusion in minPlayCommand.php in Centreon 19.04.4 and below allows an attacker to traverse paths via a plugin test...

CVE-2019-19487

Command Injection in minPlayCommand.php in Centreon 19.04.4 and below allows an attacker to achieve command injection via a plugin test...