Vulnerabilities > Clip Bucket

DATE CVE VULNERABILITY TITLE RISK
2018-03-05 CVE-2018-7666 SQL Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-89
critical
9.8
2018-03-05 CVE-2018-7665 Unrestricted Upload of File with Dangerous Type vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-434
critical
9.8
2018-03-05 CVE-2018-7664 OS Command Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-78
critical
9.8
2017-04-06 CVE-2016-1000307 Cross-site Scripting vulnerability in Clip-Bucket Clipbucket
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occupation, companies, hobbies, fav_movies, fav_music, fav_books parameters to ProfileSettings page; (2) note parameter to PersonalNotes Section; (3) closed_msg, description, allowed_types parameters to WebsiteConfigurations Section.
network
low complexity
clip-bucket CWE-79
6.1
2017-04-06 CVE-2015-4673 Cross-site Scripting vulnerability in Clip-Bucket Clipbucket 2.7.0.5
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the collection_description parameter to upload/manage_collections.php in an add_new action or the (2) photo_description, (3) photo_tags, or (4) photo_title parameter to upload/actions/photo_uploader.php.
network
low complexity
clip-bucket CWE-79
5.4
2016-09-02 CVE-2016-4848 Cross-site Scripting vulnerability in Clip-Bucket Clipbucket
Cross-site scripting (XSS) vulnerability in ClipBucket before 2.8.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
clip-bucket CWE-79
6.1