Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wwbn avideo 11.6 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-34652
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
8.8
CVSSv3
CVE-2022-33148
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
8.8
CVSSv3
CVE-2022-33149
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
8.8
CVSSv3
CVE-2022-29468
A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.
Wwbn Avideo 11.6
8.8
CVSSv3
CVE-2022-30605
A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger t...
Wwbn Avideo 11.6
6.1
CVSSv3
CVE-2022-27462
Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo up to and including 11.6, via the yptDevice parameter to view/include/head.php.
Wwbn Avideo
6.1
CVSSv3
CVE-2022-27463
Open redirect vulnerability in objects/login.json.php in WWBN AVideo up to and including 11.6, allows malicious users to arbitrarily redirect users from a crafted url to the login page.
Wwbn Avideo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3