Description
Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Mustafa ALTINKAYNAK · textwebappsphp
https://www.exploit-db.com/exploits/33514
References (4)
Core 4
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/33514
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58844
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67766
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/126866/Videos-Tube-1.0-SQL-Injection.html
Scores
EPSS
0.0082
EPSS Percentile
74.5%
Details
CWE
CWE-89
Status
published
Products (1)
videos_tube_project/videos_tube
1.0
Published
Jun 04, 2014
Tracked Since
Feb 18, 2026