Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clip-bucket clipbucket vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-1000307
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote malicious users to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occupation, companies, hobbies, fav_movies, fav_music, fav_books parameters to ...
Clip-bucket Clipbucket
NA
CVE-2014-4187
Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote malicious users to inject arbitrary web script or HTML via the Username field.
Clip-bucket Clipbucket -
9.8
CVSSv3
CVE-2018-7664
An issue exists in ClipBucket prior to 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php.
Clip-bucket Clipbucket
9.8
CVSSv3
CVE-2018-7666
An issue exists in ClipBucket prior to 4.0.0 Release 4902. SQL injection vulnerabilities exist in the actions/vote_channel.php channelId parameter, the ajax/commonAjax.php email parameter, and the ajax/commonAjax.php username parameter.
Clip-bucket Clipbucket
NA
CVE-2012-5849
Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) uid parameter in an add_friend action to ajax.php; id parameter in a (2) share_object, (3) add_to_fav, (4) rating...
Clip-bucket Clipbucket
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-7665
An issue exists in ClipBucket prior to 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
Clip-bucket Clipbucket
1 Github repository
6.1
CVSSv3
CVE-2016-4848
Cross-site scripting (XSS) vulnerability in ClipBucket prior to 2.8.1 RC2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Clip-bucket Clipbucket
5.4
CVSSv3
CVE-2015-4673
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the collection_description parameter to upload/manage_collections.php in an add_new action or the (2) photo_description, (3) p...
Clip-bucket Clipbucket 2.7.0.5
NA
CVE-2015-2102
SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote malicious users to execute arbitrary SQL commands via the item parameter.
Clip-bucket Clipbucket 2.7
1 EDB exploit
NA
CVE-2012-6642
Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remote malicious users to inject arbitrary web script or HTML via the type parameter to view_channel.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party inform...
Clip-bucket Clipbucket 2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »