2 matches found
CVE-2024-54135 Untrusted Deserialization in ClipBucket-v5 Version 2.0 to 5.5.1 Revision 199
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/photoupload.php within the decodekey function. User inputs were supplied to this function...
CVE-2024-54136
Summary: ClipBucket-v5 (versions up to 5.5.1 Revision 199) is affected by a PHP deserialization vulnerability in upload/upload.php where user input via the collection parameter is passed to unserialize, enabling crafted PHP serialized objects and gadget chains. Impact (as stated): allows arbitrar...