25 matches found
EUVD-2019-14726
Malware in sbrugna...
EUVD-2019-14724
Malware in sbrugna...
CVE-2019-5121
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php...
CVE-2019-5114
An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5116
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5122
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter name in /objects/pluginSwitch.json.php...
CVE-2019-5121
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php...
CVE-2019-5116
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
Sql injection
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
Sql injection
An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltrati...
Sql injection
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
Sql injection
Specially crafted web requests can cause SQL injections in YouPHPTube 7.6. An attacker can send a web request with Parameter dir in /objects/pluginSwitch.json.php...
Sql injection
Exploitable SQL injection vulnerabilities exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5119
CVE-2019-5119 affects YouPHPTube 7.6 with an authenticated SQL injection in /objects/subscribeNotify.json.php (user_id parameter) that can exfiltrate data and, in some configurations, access the OS. Talos/Red Hat and related advisories report multiple SQLi vulnerabilities across YouPHPTube 7.6/7....
CVE-2019-5120
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5114
An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5114
CVE-2019-5114 is an authenticated SQL injection in YouPHPTube 7.6 affecting the /objects/commentAddNew.json.php endpoint (comments_id parameter). TALOS reports an exploitable, authenticated vulnerability allowing data exfiltration of database contents and user credentials, with potential for broa...
CVE-2019-5123
The CVE-2019-5123 issue affects YouPHPTube 7.6 and involves SQL injection via the /objects/pluginSwitch.json.php endpoint (parameter dir). The TALOS advisory confirms authenticated SQL injections in the YouPHPTube 7.6 frontend/plugin switch logic, potentially allowing exfiltration of database dat...
CVE-2019-5122
YouPHPTube 7.6 exposes authenticated SQL injection vulnerabilities in /objects/pluginSwitch.json.php (parameters uuid, name, dir). The Talos report confirms exploitable injections that could exfiltrate information such as usernames and password hashes and, in some configs, access the underlying O...
CVE-2019-5121
YouPHPTube 7.6 contains authenticated SQL injection vulnerabilities in the /objects/pluginSwitch.json.php endpoint (parameter uuid, name, dir). TALOS documentation describes exploitable, authenticated SQL injections that could exfiltrate database data and, in certain configurations, access the OS...