Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/03/23 1:51 p.m.2 views

CVE-2026-33351 AVideo has Unauthenticated SSRF via `webSiteRootURL` Parameter in saveDVR.json.php, Chaining to Verification Bypass

WWBN AVideo is an open source video platform. Prior to version 26.0, a Server-Side Request Forgery SSRF vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode the intended configuration for this file, the...

9.1CVSS5.8AI score0.00431EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/23 1:51 p.m.23 views

CVE-2026-33351 AVideo has Unauthenticated SSRF via `webSiteRootURL` Parameter in saveDVR.json.php, Chaining to Verification Bypass

WWBN AVideo is an open source video platform. Prior to version 26.0, a Server-Side Request Forgery SSRF vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode the intended configuration for this file, the...

9.1CVSS0.00431EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/19 7:13 p.m.8 views

AVideo has Unauthenticated SSRF via `webSiteRootURL` Parameter in saveDVR.json.php, Chaining to Verification Bypass

Summary A Server-Side Request Forgery SSRF vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode the intended configuration for this file, the $REQUEST'webSiteRootURL' parameter is used directly to construct a URL that is...

9.1CVSS5.8AI score0.00431EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/19 7:13 p.m.6 views

GHSA-5F7V-4F6G-74RJ AVideo has Unauthenticated SSRF via `webSiteRootURL` Parameter in saveDVR.json.php, Chaining to Verification Bypass

Summary A Server-Side Request Forgery SSRF vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode the intended configuration for this file, the $REQUEST'webSiteRootURL' parameter is used directly to construct a URL that is...

9.1CVSS5.8AI score0.00431EPSS
Exploits1References4
Rows per page
Query Builder