Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clip-bucket clipbucket vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2018-7664
An issue exists in ClipBucket prior to 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php.
Clip-bucket Clipbucket
668
VMScore
CVE-2018-7666
An issue exists in ClipBucket prior to 4.0.0 Release 4902. SQL injection vulnerabilities exist in the actions/vote_channel.php channelId parameter, the ajax/commonAjax.php email parameter, and the ajax/commonAjax.php username parameter.
Clip-bucket Clipbucket
383
VMScore
CVE-2016-4848
Cross-site scripting (XSS) vulnerability in ClipBucket prior to 2.8.1 RC2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Clip-bucket Clipbucket
383
VMScore
CVE-2016-1000307
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote malicious users to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occupation, companies, hobbies, fav_movies, fav_music, fav_books parameters to ...
Clip-bucket Clipbucket
383
VMScore
CVE-2014-4187
Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote malicious users to inject arbitrary web script or HTML via the Username field.
Clip-bucket Clipbucket -
890
VMScore
CVE-2018-7665
An issue exists in ClipBucket prior to 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
Clip-bucket Clipbucket
1 Github repository
755
VMScore
CVE-2012-5849
Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) uid parameter in an add_friend action to ajax.php; id parameter in a (2) share_object, (3) add_to_fav, (4) rating...
Clip-bucket Clipbucket
1 EDB exploit
1 Github repository
383
VMScore
CVE-2012-6642
Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remote malicious users to inject arbitrary web script or HTML via the type parameter to view_channel.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party inform...
Clip-bucket Clipbucket 2.6
470
VMScore
CVE-2012-6644
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; o...
Clip-bucket Clipbucket 2.6
8 EDB exploits
445
VMScore
CVE-2011-3717
ClipBucket 2.0.9 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/signup_captcha/signup_captcha.php and certain other files.
Clip-bucket Clipbucket 2.0.9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »