davidguva

2 exploits Active since Nov 2024
CVE-2024-46054 WRITEUP CRITICAL WORKING POC
OpenVidReview 1.0 - Unauthenticated Arbitrary File Upload via /upload Route
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files.
CVSS 9.8
CVE-2024-46055 WRITEUP MEDIUM WORKING POC
OpenVidReview 1.0 - Stored Cross-Site Scripting in Review Names
OpenVidReview 1.0 is vulnerable to Cross Site Scripting (XSS) in review names.
CVSS 4.8