6 matches found
CVE-2026-8753 kalcaddle Kodbox fileThumb Plugin VideoResize.class.php parseVideoInfo command injection
A security vulnerability has been detected in kalcaddle Kodbox up to 1.64. This issue affects the function parseVideoInfo of the file /workspace/source-code/plugins/fileThumb/lib/VideoResize.class.php of the component fileThumb Plugin. The manipulation of the argument ffmpegBin leads to command...
PT-2026-41543
Name of the Vulnerable Software and Affected Versions kalcaddle Kodbox versions prior to 1.65 Description Command injection is possible via remote attack in the fileThumb Plugin. The issue exists within the parseVideoInfo function located in the...
CVE-2023-40504
LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
PT-2024-13092 · Qualcomm · Snapdragon +117
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in video while parsing the Videoinfo, which occurs when the size of an atom is greater than the videoinfo size. The...
PT-2023-4730 · Lg · Lg Simple Editor
Name of the Vulnerable Software and Affected Versions: LG Simple Editor affected versions not specified Description: The issue is related to the readVideoInfo method of LG Simple Editor, which lacks proper validation of user-supplied strings before executing system calls. This allows remote...
Mail.ru: Access to information about any video and its owner via GraphQL endpoint [dictor.mail.ru]
An IDOR vulnerability in dictor.mail.ru allowed to obtain arbitrary video information via direct GraphQL query...