Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
WwbnAvideo

9 matches found

CVE
CVEadded 2022/04/05 4:15 p.m.83 views

CVE-2022-27463

Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6, allows attackers to arbitrarily redirect users from a crafted url to the login page.

6.1CVSS6.1AI score0.00189EPSS
CVE
CVEadded 2022/04/05 4:15 p.m.69 views

CVE-2022-27462

Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php.

6.1CVSS5.9AI score0.00228EPSS
CVE
CVEadded 2022/08/22 7:15 p.m.59 views

CVE-2022-32761

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.

6.5CVSS6.4AI score0.00527EPSS
CVE
CVEadded 2022/08/22 7:15 p.m.49 views

CVE-2022-28710

An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.

6.5CVSS6.4AI score0.00527EPSS
CVE
CVEadded 2024/01/10 4:15 p.m.33 views

CVE-2023-49864

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the downloadURL_image parameter.

6.5CVSS6.8AI score0.00325EPSS
CVE
CVEadded 2023/04/25 4:15 p.m.32 views

CVE-2023-25314

Cross Site Scripting (XSS) vulnerability in World Wide Broadcast Network AVideo before 12.4, allows attackers to gain sensitive information via the success parameter to /user.

6.1CVSS6AI score0.0009EPSS
CVE
CVEadded 2024/01/10 4:15 p.m.32 views

CVE-2023-49863

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the downloadURL_webpimage parameter.

6.5CVSS6.8AI score0.00325EPSS
CVE
CVEadded 2024/01/10 4:15 p.m.30 views

CVE-2023-49862

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the downloadURL_gifimage parameter.

6.5CVSS6.8AI score0.00325EPSS
CVE
CVEadded 2024/01/10 4:15 p.m.22 views

CVE-2023-47171

An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.

6.5CVSS6.4AI score0.00309EPSS