9 matches found
EUVD-2023-43708
Malicious code in bioql PyPI...
CVE-2023-3015
A vulnerability has been found in yiwent Vip Video Analysis 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file data/title.php. The manipulation of the argument titurl leads to server-side request forgery. The attack can be launched remotely. The...
CVE-2023-3016
A vulnerability was found in yiwent Vip Video Analysis 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/admincore.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to th...
CVE-2023-3015
A vulnerability has been found in yiwent Vip Video Analysis 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file data/title.php. The manipulation of the argument titurl leads to server-side request forgery. The attack can be launched remotely. The...
Cross site scripting
A vulnerability was found in yiwent Vip Video Analysis 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/admincore.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to th...
Server side request forgery (ssrf)
A vulnerability has been found in yiwent Vip Video Analysis 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file data/title.php. The manipulation of the argument titurl leads to server-side request forgery. The attack can be launched remotely. The...
CVE-2023-3016
CVE-2023-3016 affects yiwent Vip Video Analysis 1.0. The vulnerability is in the admin/admincore.php component and is a cross-site scripting flaw. The issue can be triggered remotely and an exploit has been disclosed publicly. Several connected sources note no confirmed vendor patch/version updat...
CVE-2023-3015
The CVE-2023-3015 entry affects yiwent Vip Video Analysis 1.0, with a vulnerability in the data/title.php file where manipulating the titurl argument triggers server-side request forgery (SSRF). It can be exploited remotely, and public disclosures exist (VDB-230359). Connected sources corroborate...
PT-2023-22563 · Unknown · Yiwent Vip Video Analysis
Name of the Vulnerable Software and Affected Versions: yiwent Vip Video Analysis version 1.0 Description: A vulnerability was found in yiwent Vip Video Analysis, affecting some unknown functionality of the file admin/admincore.php. The manipulation leads to cross site scripting. The attack may be...