Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wwbn avideo 11.6 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2022-27463
Open redirect vulnerability in objects/login.json.php in WWBN AVideo up to and including 11.6, allows malicious users to arbitrarily redirect users from a crafted url to the login page.
Wwbn Avideo
4.3
CVSSv2
CVE-2022-27462
Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo up to and including 11.6, via the yptDevice parameter to view/include/head.php.
Wwbn Avideo
NA
CVE-2023-48728
A cross-site scripting (xss) vulnerability exists in the functiongetOpenGraph videoName functionality of WWBN AVideo 11.6 and dev master commit 3c6bb3ff. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to ...
Wwbn Avideo 11.6
Wwbn Avideo 3c6bb3ff
NA
CVE-2023-47861
A cross-site scripting (xss) vulnerability exists in the channelBody.php user name functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to tri...
Wwbn Avideo 11.6
Wwbn Avideo 15fed957fb
NA
CVE-2023-47171
An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.
Wwbn Avideo 11.6
Wwbn Avideo 15fed957fb
NA
CVE-2022-32761
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
Wwbn Avideo 11.6
NA
CVE-2022-32768
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can s...
Wwbn Avideo 11.6
NA
CVE-2022-32769
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can s...
Wwbn Avideo 11.6
NA
CVE-2022-32770
A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP r...
Wwbn Avideo 11.6
NA
CVE-2022-32771
A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP r...
Wwbn Avideo 11.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »