CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Metasploit•added 2024/05/21 7:56 p.m.•358 views

AVideo WWBNIndex Plugin Unauthenticated RCE

This module exploits an unauthenticated remote code execution RCE vulnerability in the WWBNIndex plugin of the AVideo platform. The vulnerability exists within the submitIndex.php file, where user-supplied input is passed directly to the require function without proper sanitization. By exploiting...

9.8CVSS8.5AI score0.85868EPSS

Exploits6

NVD•added 2024/04/10 8:15 p.m.•7 views

CVE-2024-31819

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component...

9.8CVSS7.5AI score0.85868EPSS

Exploits6References4

CVE•added 2024/04/10 12:0 a.m.•60 views

CVE-2024-31819

CVE-2024-31819 affects WWBN AVideo versions 12.4–14.2. The vulnerability lies in the submitIndex.php component (systemRootPath parameter), allowing an unauthenticated remote attacker to execute arbitrary PHP code (remote code execution). Public exploit references exist (e.g., Metasploit module an...

9.8CVSS7.7AI score0.85868EPSS

Exploits6References4Affected Software1

Vulnrichment•added 2024/04/10 12:0 a.m.•8 views

CVE-2024-31819

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component...

7.8AI score0.85868EPSS

Exploits6References4

Cvelist•added 2024/04/10 12:0 a.m.•11 views

CVE-2024-31819

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component...

7.7AI score0.85868EPSS

Exploits6References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by