CVE-2026-33319

WWBN AVideo is an open source video platform. Prior to version 26.0, the uploadVideoToLinkedIn method in the SocialMediaPublisher plugin constructs a shell command by directly interpolating an upload URL received from LinkedIn's API response, without sanitization via escapeshellarg. If an attacke...

WordPress plugin Blog2Social 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

Code injection

An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/ueditor/uploadVideo URI...

cuteeditor using the method of two-vulnerability and early warning-the black bar safety net

Author: m@w01f 1. Direct Download load. ashx configuration file http://www.7747.net/CuteSoftClie ... ../../../web. config Then view some of the sql configuration information from the sql database connection to start with connectionStrings add name="ynncConnectionString" connectionString="Server=....