Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clip-bucket clipbucket vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5849
Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) uid parameter in an add_friend action to ajax.php; id parameter in a (2) share_object, (3) add_to_fav, (4) rating...
Clip-bucket Clipbucket
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-7664
An issue exists in ClipBucket prior to 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php.
Clip-bucket Clipbucket
9.8
CVSSv3
CVE-2018-7666
An issue exists in ClipBucket prior to 4.0.0 Release 4902. SQL injection vulnerabilities exist in the actions/vote_channel.php channelId parameter, the ajax/commonAjax.php email parameter, and the ajax/commonAjax.php username parameter.
Clip-bucket Clipbucket
6.1
CVSSv3
CVE-2016-4848
Cross-site scripting (XSS) vulnerability in ClipBucket prior to 2.8.1 RC2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Clip-bucket Clipbucket
6.1
CVSSv3
CVE-2016-1000307
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote malicious users to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occupation, companies, hobbies, fav_movies, fav_music, fav_books parameters to ...
Clip-bucket Clipbucket
9.8
CVSSv3
CVE-2018-7665
An issue exists in ClipBucket prior to 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
Clip-bucket Clipbucket
1 Github repository
NA
CVE-2014-4187
Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote malicious users to inject arbitrary web script or HTML via the Username field.
Clip-bucket Clipbucket -
NA
CVE-2012-6642
Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remote malicious users to inject arbitrary web script or HTML via the type parameter to view_channel.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party inform...
Clip-bucket Clipbucket 2.6
NA
CVE-2012-6643
Multiple SQL injection vulnerabilities in the update_counter function in includes/functions.php in ClipBucket 2.6 allow remote malicious users to execute arbitrary SQL commands via the time parameter to (1) videos.php or (2) channels.php. NOTE: some of these details are obtained ...
Clip-bucket Clipbucket 2.6
2 EDB exploits
NA
CVE-2012-6644
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; o...
Clip-bucket Clipbucket 2.6
8 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »