7 matches found
CVE-2019-18662
An issue was discovered in YouPHPTube through 7.7. User input passed through the livestreamcode POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized in getFromChat in plugin/LiveChat/Objects/LiveChatObj.php before being used to construct a SQL query. This can be exploited...
EUVD-2019-5629
Malware in sbrugna...
CVE-2021-25874
AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL Injection SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases information such as application passwords hashes...
CVE-2019-14430
plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows SQL Injection...
CVE-2019-5123
Specially crafted web requests can cause SQL injections in YouPHPTube 7.6. An attacker can send a web request with Parameter dir in /objects/pluginSwitch.json.php...
CVE-2019-5116
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5119
An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltrati...