8206 matches found
PT-2026-29846
Name of the Vulnerable Software and Affected Versions TP-Link Tapo C520WS version 2.6 Description A heap-based buffer overflow exists in the HTTP POST body parsing logic due to insufficient boundary validation and missing validation of remaining buffer capacity after dynamic allocation when...
CVE-2026-34611
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/emailAllUsers.json.php allows administrators to send HTML emails to every registered user on the platform. While the endpoint verifies admin session status, it does not validate a CSRF token...
CVE-2026-34613
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugin...
GHSA-V897-C6VQ-6CR3 CI4MS: System Settings (Company Information) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS
Summary Vulnerability: Stored DOM XSS via System Settings – Company Information Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Company Information Configuration Fields with Immediate Same-Page Execution Description The application fails t...
CI4MS: System Settings (Company Information) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS
Summary Vulnerability: Stored DOM XSS via System Settings – Company Information Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Company Information Configuration Fields with Immediate Same-Page Execution Description The application fails t...
CI4MS: System Settings (Social Media Management) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS
Summary Vulnerability: Stored DOM XSS via System Settings – Social Media Management Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-site Scripting via Unsanitized Social Media Configuration Fields with Immediate Same-Page Execution Description The application fails to...
GHSA-GCFJ-CF7J-VWGJ CI4MS: System Settings (Social Media Management) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS
Summary Vulnerability: Stored DOM XSS via System Settings – Social Media Management Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-site Scripting via Unsanitized Social Media Configuration Fields with Immediate Same-Page Execution Description The application fails to...
EUVD-2026-17658
AVideo: Reflected XSS via Unescaped ip Parameter in UserLocation testIP.php...
AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php
Summary The UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTML and JavaScript via a crafted URL. Although the page is restricte...
Cross-site Scripting (XSS)
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of the ip parameter in the UserLocation plugin's testIP.php process. An attacker can execute arbitrary JavaScript in the...
EUVD-2026-17639
AVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security Plugins...
GHSA-HQXF-MHFW-RC44 AVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security Plugins
Summary The AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugins database table is explicitly listed in ignoreTableSecurityCheck,...
GHSA-C4XJ-X7P8-3X7Q AVideo: CSRF on emailAllUsers.json.php Enables Mass Phishing Email to All Users
Summary The AVideo endpoint objects/emailAllUsers.json.php allows administrators to send HTML emails to every registered user on the platform. While the endpoint verifies admin session status, it does not validate a CSRF token. Because AVideo sets SameSite=None on session cookies, a cross-origin...
CVE-2026-5199 Cross Namespace Access via Batch Operation
A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the attacker to know or guess specific victim workflow IDs and, for signal operations, signal names. This was due to a bu...
SUSE CVE-2026-20643
A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...
AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking
Summary AVideo's admin plugin configuration endpoint admin/save.json.php lacks any CSRF token validation. There is no call to isGlobalTokenValid or verifyToken before processing the request. Combined with the application's explicit SameSite=None cookie policy, an attacker can forge cross-origin...
CVE-2026-34739
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...
CVE-2026-34613
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugin...
CVE-2026-34739 AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...
CVE-2026-34739 AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...