Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wwbn avideo 11.6 vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2022-27463
Open redirect vulnerability in objects/login.json.php in WWBN AVideo up to and including 11.6, allows malicious users to arbitrarily redirect users from a crafted url to the login page.
Wwbn Avideo
383
VMScore
CVE-2022-27462
Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo up to and including 11.6, via the yptDevice parameter to view/include/head.php.
Wwbn Avideo
NA
CVE-2023-48728
A cross-site scripting (xss) vulnerability exists in the functiongetOpenGraph videoName functionality of WWBN AVideo 11.6 and dev master commit 3c6bb3ff. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to ...
Wwbn Avideo 11.6
Wwbn Avideo 3c6bb3ff
NA
CVE-2023-47861
A cross-site scripting (xss) vulnerability exists in the channelBody.php user name functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to tri...
Wwbn Avideo 11.6
Wwbn Avideo 15fed957fb
NA
CVE-2023-47171
An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.
Wwbn Avideo 11.6
Wwbn Avideo 15fed957fb
NA
CVE-2022-32761
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
Wwbn Avideo 11.6
NA
CVE-2022-32769
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can s...
Wwbn Avideo 11.6
NA
CVE-2022-33147
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
NA
CVE-2022-33148
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
NA
CVE-2022-33149
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »