Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wwbn avideo 11.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-34652
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
NA
CVE-2022-33148
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
NA
CVE-2022-33149
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in th...
Wwbn Avideo 11.6
NA
CVE-2022-29468
A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.
Wwbn Avideo 11.6
NA
CVE-2022-30605
A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger t...
Wwbn Avideo 11.6
5.8
CVSSv2
CVE-2022-27463
Open redirect vulnerability in objects/login.json.php in WWBN AVideo up to and including 11.6, allows malicious users to arbitrarily redirect users from a crafted url to the login page.
Wwbn Avideo
4.3
CVSSv2
CVE-2022-27462
Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo up to and including 11.6, via the yptDevice parameter to view/include/head.php.
Wwbn Avideo
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3