Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / wwbn

wwbn

197 tracked vulnerabilities.

CVE-2026-29093 HIGH

WWBN AVideo <24.0 - Session Hijacking

CVE-2026-28502 HIGH

WWBN AVideo <24.0 - Authenticated RCE

CVE-2026-28501 CRITICAL

WWBN AVideo < 24.0 - Unauthenticated SQL Injection via catName Parameter in JSON POST Request

CVE-2026-27732 HIGH

WWBN AVideo < 22.0 - Authenticated Server-Side Request Forgery via aVideoEncoder.json.php DownloadURL Parameter

CVE-2026-27568 MEDIUM

WWBN AVideo < 21.0 - Authenticated Stored Cross-Site Scripting via Markdown Link Injection

CVE-2025-34442 HIGH

AVideo < 20.1 - Sensitive System Information Exposure via Public API Endpoints

CVE-2025-34441 HIGH

AVideo < 20.1 - Unauthenticated Exposure of Sensitive User Information via Public API

CVE-2025-34440 MEDIUM

AVideo < 20.1 - Open Redirect via siteRedirectUri Parameter

CVE-2025-34439 MEDIUM

AVideo < 20.1 - Open Redirect via cancelUri Parameter

CVE-2025-34438 HIGH

AVideo < 20.1 - Insecure Direct Object Reference in Video Rotation Metadata

CVE-2025-34437 HIGH

AVideo < 20.1 - Authenticated Arbitrary Comment Image Upload via Missing Ownership Check

CVE-2025-34436 HIGH

AVideo < 20.1 - Authenticated Arbitrary File Upload via Insecure Direct Object Reference

CVE-2025-34435 MEDIUM

AVideo < 20.1 - Authenticated Arbitrary File Deletion via IDOR

CVE-2025-34434 CRITICAL

AVideo < 20.1 - Unauthenticated Arbitrary File Upload and Deletion via ImageGallery Plugin

CVE-2025-53084 CRITICAL

WWBN AVideo 14.4 and dev master - Cross-Site Scripting via VideosList Page Parameter

CVE-2025-50128 CRITICAL

WWBN AVideo 14.4 and dev master - Stored Cross-Site Scripting via videoNotFound 404ErrorMsg Parameter

CVE-2025-48732 HIGH

WWBN AVideo 14.4 and dev master - Remote Code Execution via .phar File Request

CVE-2025-46410 CRITICAL

WWBN AVideo 14.4 and dev master - Cross-Site Scripting via managerPlaylists PlaylistOwnerUsersId Parameter

CVE-2025-41420 CRITICAL

WWBN AVideo 14.4 and dev master - Cross-Site Scripting via UserLogin cancelUri Parameter

CVE-2025-36548 HIGH

WWBN AVideo 14.4 and dev master - Cross-Site Scripting via LoginWordPress cancelUri Parameter

CVE-2025-25214 HIGH

WWBN AVideo 14.4 RCE via Race Condition in aVideoEncoder.json.php Unzip

CVE-2024-34899 MEDIUM

WWBN AVideo 12.4 - Cross-Site Scripting

CVE-2024-31819 CRITICAL

WWBN AVideo 12.4-14.2 - Remote Code Execution via systemRootPath Parameter

CVE-2023-50172 MEDIUM

WWBN AVideo - Recovery Notification Bypass via Captcha Validation

CVE-2023-49864 MEDIUM

WWBN AVideo - Arbitrary File Read via aVideoEncoderReceiveImage.json.php downloadURL_image Parameter

Previous Page 6 of 8 Next

Products

avideo 195 AVideo 124 avideo-encoder 3 AVideo-Encoder 2

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy