Lucene search

K
WwbnAvideo

55 matches found

CVE
CVE
added 2025/07/24 4:15 p.m.5 views

CVE-2025-41420

A cross-site scripting (xss) vulnerability exists in the userLogin cancelUri parameter functionality of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnera...

9.6CVSS6.1AI score0.00152EPSS
CVE
CVE
added 2025/07/24 4:15 p.m.5 views

CVE-2025-46410

A cross-site scripting (xss) vulnerability exists in the managerPlaylists PlaylistOwnerUsersId parameter functionality of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to tr...

9.6CVSS6.1AI score0.00073EPSS
CVE
CVE
added 2025/07/24 4:15 p.m.5 views

CVE-2025-48732

An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability.

9.8CVSS7.2AI score0.00899EPSS
CVE
CVE
added 2025/07/24 4:15 p.m.5 views

CVE-2025-50128

A cross-site scripting (xss) vulnerability exists in the videoNotFound 404ErrorMsg parameter functionality of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this v...

9.6CVSS6.1AI score0.00073EPSS
CVE
CVE
added 2025/07/24 4:15 p.m.5 views

CVE-2025-53084

A cross-site scripting (xss) vulnerability exists in the videosList page parameter functionality of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerabili...

9CVSS6.1AI score0.00078EPSS
Total number of security vulnerabilities55