Avideo@12.4 Security Vulnerabilities and Issues — Avideo@12.4 CVE List

Lucene search

WwbnAvideo12.4

3 matches found

CVE•added 2024/05/14 3:39 p.m.•64 views

CVE-2024-34899

WWBN AVideo 12.4 is vulnerable to Cross Site Scripting (XSS).

5.4CVSS6.3AI score0.00086EPSS

CVE•added 2024/04/10 8:15 p.m.•54 views

CVE-2024-31819

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

9.8CVSS7.7AI score0.80423EPSS

Web

CVE•added 2023/05/12 2:15 p.m.•52 views

CVE-2023-32073

WWBN AVideo is an open source video platform. In versions 12.4 and prior, a command injection vulnerability exists at plugin/CloneSite/cloneClient.json.php which allows Remote Code Execution if you CloneSite Plugin. This is a bypass to the fix for CVE-2023-30854, which affects WWBN AVideo up to ver...

8.8CVSS9AI score0.57628EPSS

Web