wwbn/avideo Security Advisories (12)
-
[MEDIUM] AVideo cross-site scripting vulnerability in the view/about.php page
PKSA-m87c-2qr6-rc54 CVE-2024-34899 GHSA-f98p-2hc5-fm7v
Affected version: <14.3
Reported by:
GitHub -
[CRITICAL] WWBN AVideo Remote Code Execution
PKSA-1khc-7hwp-86mz CVE-2024-31819 GHSA-mv5w-wr5c-575p
Affected version: >=12.4,<=14.2
Reported by:
GitHub -
[MEDIUM] WWBN AVideo recovery notification bypass vulnerability
PKSA-bpdw-n2tk-hn54 CVE-2023-50172 GHSA-8m5f-2xvp-2c8w
Affected version: <=12.4
Reported by:
GitHub -
[CRITICAL] WWBN AVideo Insufficient Entropy vulnerbaility
PKSA-c41p-f5f9-8mhz CVE-2023-49599 GHSA-wqcc-qf63-c2x4
Affected version: <=12.4
Reported by:
GitHub -
[HIGH] WWBN AVideo Improper Restriction of Excessive Authentication Attempts vulnerability
PKSA-ybsw-d66n-nyf1 CVE-2023-49810 GHSA-v977-h4hm-rrff
Affected version: <=12.4
Reported by:
GitHub -
[HIGH] WWBN AVideo command injection vulnerability
PKSA-ws9n-zq9c-9xzs CVE-2023-32073 GHSA-2mhh-27v7-3vcx
Affected version: <=12.4
Reported by:
GitHub -
[HIGH] WWBN/AVideo stored XSS vulnerability leads to takeover of any user's account, including admin's account
PKSA-t55s-s47b-sccg CVE-2023-30860 GHSA-xr9h-p2rc-rpqm
Affected version: <12.4
Reported by:
GitHub -
[HIGH] Remote code injection in wwbn/avideo
PKSA-ct52-vj4v-3chj CVE-2023-30854 GHSA-6vrj-ph27-qfp3
Affected version: <12.4
Reported by:
GitHub -
[HIGH] Cross site scripting (XSS) in wwbn/avideo
PKSA-8k5w-rfw7-6y43 GHSA-2fch-hv74-fgw9
Affected version: <12.4
Reported by:
GitHub -
[CRITICAL] AVideo contains Command injection when embedding a video link
PKSA-cgqj-pxkw-3pc8 CVE-2023-25313 GHSA-pgvh-p3g4-86jw
Affected version: <12.4
Reported by:
GitHub -
[HIGH] AVideo vulnerable to Improper Privilege Management
PKSA-z1jq-qzpj-5hjc CVE-2020-23489 GHSA-2mgx-226x-8pwv
Affected version: <8.9
Reported by:
GitHub -
[MEDIUM] Open redirect in wwbn/avideo
PKSA-yy51-mh2t-n18p CVE-2022-27463 GHSA-34hv-f45p-4qfq
Affected version: <=11.6
Reported by:
GitHub