Clipbucket Security Vulnerabilities and Issues — Clipbucket CVE List

Lucene search

Clip-bucketClipbucket

3 matches found

cve•added 2018/03/05 7:29 a.m.•45 views

CVE-2018-7666

An issue was discovered in ClipBucket before 4.0.0 Release 4902. SQL injection vulnerabilities exist in the actions/vote_channel.php channelId parameter, the ajax/commonAjax.php email parameter, and the ajax/commonAjax.php username parameter.

9.8CVSS10AI score0.00264EPSS

cve•added 2018/03/05 7:29 a.m.•42 views

CVE-2018-7664

An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php.

10CVSS9.4AI score0.00762EPSS

cve•added 2018/03/05 7:29 a.m.•41 views

CVE-2018-7665

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.

10CVSS9.3AI score0.71882EPSS