WWBN AVideo 跨站请求伪造漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the objects/configurationUpdate.json.php file, which protected the endpoint through...

Samsung SmartThings Hub STH-ETH-250 video-core HTTP server injection vulnerability

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A security vulnerability exists in the REST parser of the video-core HTTP server in the Samsung SmartThings Hub STH-ETH-250 using firmware version 0.20.17, which...