wwbn
207 tracked vulnerabilities.
CVE-2023-25314
MEDIUM
AVideo < 12.4 - Cross-Site Scripting via User Success Parameter
Apr 25, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-25313
CRITICAL
AVideo < 12.4 - OS Command Injection via Video Link Embed Feature
Apr 25, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-34652
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - SQL Injection via Live Schedules Description Parameter
Aug 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-33149
HIGH
WWBN AVideo 11.6-dev master - SQL Injection
Aug 22, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-33148
HIGH
WWBN AVideo 11.6-dev master - SQL Injection
Aug 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-33147
HIGH
WWBN AVideo 11.6-dev master - SQL Injection
Aug 22, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-32778
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Information Disclosure via Cookie HttpOnly Flag Missing
Aug 22, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32777
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Information Disclosure via Session Cookie
Aug 22, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32772
MEDIUM
NUCLEI
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Cross-Site Scripting via Footer Alerts msg Parameter
Aug 22, 2022
CVSS 6.1
EPSS 0.03
CVE-2022-32771
MEDIUM
NUCLEI
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Cross-Site Scripting via Footer Alerts Success Parameter
Aug 22, 2022
CVSS 6.1
EPSS 0.03
CVE-2022-32770
MEDIUM
NUCLEI
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Cross-Site Scripting via Footer Alerts Toast Parameter
Aug 22, 2022
CVSS 6.1
EPSS 0.03
CVE-2022-32769
MEDIUM
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Authenticated Authentication Bypass via Playlists Plugin ID Handling
Aug 22, 2022
CVSS 5.0
EPSS 0.01
CVE-2022-32768
MEDIUM
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Authentication Bypass via Live Schedules Plugin ID Guessing
Aug 22, 2022
CVSS 4.2
EPSS 0.01
CVE-2022-32761
MEDIUM
WWBN AVideo 11.6 and dev master - Arbitrary File Read via aVideoEncoderReceiveImage
Aug 22, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-32572
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - OS Command Injection via aVideoEncoder wget Functionality
Aug 22, 2022
CVSS 8.8
EPSS 0.23
CVE-2022-32282
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Improper Authentication via Password Hash
Aug 22, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-30690
MEDIUM
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Cross-Site Scripting in Image403 Functionality
Aug 22, 2022
CVSS 6.1
EPSS 0.84
CVE-2022-30605
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Session Fixation via Crafted HTTP Request
Aug 22, 2022
CVSS 8.8
EPSS 0.04
CVE-2022-30547
CRITICAL
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Path Traversal and Arbitrary Command Execution via unzipDirectory
Aug 22, 2022
CVSS 9.9
EPSS 0.64
CVE-2022-30534
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - OS Command Injection via aVideoEncoder Chunkfile Functionality
Aug 22, 2022
CVSS 8.8
EPSS 0.74
CVE-2022-29468
HIGH
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Cross-Site Request Forgery
Aug 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28712
CRITICAL
WWBN AVideo 11.6 and dev master commit 3f7c0364 - Cross-Site Scripting in videoAddNew Functionality
Aug 22, 2022
CVSS 9.0
EPSS 0.02
CVE-2022-28710
MEDIUM
WWBN AVideo <11.6 - Info Disclosure
Aug 22, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-26842
CRITICAL
WWBN AVideo 11.6 and dev master - Reflected Cross-Site Scripting in Charts Tab Selection
Aug 22, 2022
CVSS 9.6
EPSS 0.03
CVE-2022-27463
MEDIUM
WWBN AVideo < 11.6 - Open Redirect via Login Endpoint
Apr 05, 2022
CVSS 6.1
EPSS 0.01
Quick Filters