CVE-2021-47914

PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijackin...

CVE-2021-47914

PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijackin...

CVE-2021-47914 PHP Melody 3.0 Persistent XSS Vulnerability via Edit Video Parameter

PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijackin...

CVE-2021-47914 PHP Melody 3.0 Persistent XSS Vulnerability via Edit Video Parameter

PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijackin...

CVE-2021-47914

PHP Melody 3.0 is affected by a persistent cross-site scripting (XSS) vulnerability in the edit-video.php submitted parameter. The root cause is a flaw in handling the parameter, allowing an attacker to inject malicious script code that can be executed in a victim’s browser. Reported impacts incl...

PT-2026-5559

PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijackin...

EUVD-2014-8583

Malware in sbrugna...

WordPress plugin Simple Video Management System 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2025-1793 · WordPress · Simple Video Management System

Name of the Vulnerable Software and Affected Versions: Simple Video Management System plugin for WordPress versions up to, and including, 1.0.4 Description: The issue is related to Reflected Cross-Site Scripting via the analytics video parameter due to insufficient input sanitization and output...

The vulnerability of the hevc_parse_vps_extension() function in the media_tools/av_parsers.c file of the GPAC multimedia platform allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the hevcparsevpsextension function in the mediatools/avparsers.c file of the GPAC multimedia platform is related to the incorrect use of dynamic memory during program execution. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity,...

GPAC MP4Box 安全漏洞

GPAC MP4Box is multimedia packager. It is mainly used to work with ISOBMF files e.g. MP4, 3GP, but can also be used to import/export media from container files such as AVI, MPG, MKV, MPEG-2 TS. A security vulnerability exists in GPAC MP4Box version 2.1-DEV-rev644-g5c4df2a67, which stems from a...

CVE-2020-24142

Server-side request forgery in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. It can help identify open ports, local network hos...

Server side request forgery (ssrf)

Server-side request forgery in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. It can help identify open ports, local network hos...

CVE-2020-24142

Server-side request forgery in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. It can help identify open ports, local network hos...

PT-2023-15454 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC MP4Box version 2.1-DEV-rev644-g5c4df2a67 Description: The issue is related to a buffer overflow in the gf hevc read vps bs internal function, located in the media tools/av parsers.c file at line 8039. This function is part of the GPAC...

CVE-2017-17893

Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...

CVE-2017-17892

Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the searchvideo.php search parameter...

CVE-2017-17893

Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...

PHP Scripts Mall Readymade Video Sharing Script SQL Injection Vulnerability

PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script version 3.2. The vulnerability can be exploited by a remote attacker to...