39 matches found
ClipBucket 安全漏洞
ClipBucket is an open-source PHP script developed by MacWarrior. It is available for free download and used to create video-sharing websites. Versions of ClipBucket prior to v5.5.3.359 contained a security vulnerability due to a lack of authorization checks, which could lead to modifying other...
EUVD-2017-8807
Malware in sbrugna...
ClipBucket 安全漏洞
ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A security vulnerability exists in ClipBucket 2.6 and earlier versions, which stems from an unauthenticated ofcuploadimage.php endpoint that could lead to arbitrary fil...
Readymade Video Sharing Script 3.2 SQL Injection
Exploit Title: Readymade Video Sharing Script - SQL Injection Error Based Google Dork: NA Date: 10.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Version: 3.2 Tested on: Windows...
Readymade Video Sharing Script 3.2 - 'search' SQL Injection
Exploit Title: Readymade Video Sharing Script - SQL Injection Error Based Google Dork: NA Date: 10.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Version: 3.2 Tested on: Windows...
CVE-2017-17892
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the searchvideo.php search parameter...
CVE-2017-17891
Readymade Video Sharing Script has CSRF via user-profile-edit.php...
Cross site request forgery (csrf)
Readymade Video Sharing Script has CSRF via user-profile-edit.php...
Design/Logic Flaw
Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...
PHP Scripts Mall Readymade Video Sharing Script Cross-Site Scripting Vulnerability
PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script. A remote attacker can send a 'search' parameter to the...
CVE-2017-17891
CVE-2017-17891 affects Readymade Video Sharing Script. The vulnerability is a cross-site request forgery (CSRF) in the user-profile-edit.php endpoint. According to CNVD-2018-01938 and corroborating sources, a remote attacker can lure a logged‑in user to trigger changes to sensitive settings via t...
CVE-2017-17891
Readymade Video Sharing Script has CSRF via user-profile-edit.php...
CVE-2017-17892
The CVE-2017-17892 entry refers to Readymade Video Sharing Script with an SQL Injection vulnerability exposed through viewsubs.php?chnlid and search_video.php?search. Multiple connected sources confirm this vulnerability exists in the Readymade Video Sharing Script and detail the injection vector...
CVE-2017-17893
The following CVE concerns the Readymade Video Sharing Script (PHP Scripts Mall). It has a stored/reflected Cross‑Site Scripting (XSS) vulnerability exploitable via user input parameters: search_video.php using the search parameter, viewsubs.php using the chnlid parameter, and user-profile-edit.p...
PHP Scripts Mall Readymade Video Sharing Script HTTP Injection Vulnerability
PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. An HTML injection vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script version 3.2. An attacker can exploit this vulnerability to inject HTML co...
Design/Logic Flaw
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...
CVE-2017-17649
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...
CVE-2017-17649
Readymade Video Sharing Script 3.2 is affected by an HTML Injection vulnerability in the single-video-detail.php comment parameter. The root cause is unvalidated input reflected into HTML, enabling injection of markup. Affected component: Readymade Video Sharing Script 3.2 (PHP Scripts Mall). Rep...
CVE-2017-17649
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...
PHP Scripts Mall Readymade Video Sharing Script SQL Injection Vulnerability
PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script version 3.2. The vulnerability can be exploited by a remote attacker to...