Vulnerabilities > Clip Bucket > Clipbucket > 2.7

DATE CVE VULNERABILITY TITLE RISK
2018-03-05 CVE-2018-7666 SQL Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-89
7.5
7.5
2018-03-05 CVE-2018-7665 Unrestricted Upload of File with Dangerous Type vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-434
critical
 10.0
10
2018-03-05 CVE-2018-7664 OS Command Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-78
critical
 10.0
10
2017-04-06 CVE-2016-1000307 Cross-site Scripting vulnerability in Clip-Bucket Clipbucket
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occupation, companies, hobbies, fav_movies, fav_music, fav_books parameters to ProfileSettings page; (2) note parameter to PersonalNotes Section; (3) closed_msg, description, allowed_types parameters to WebsiteConfigurations Section. 		4.3
4.3
2016-09-02 CVE-2016-4848 Cross-site Scripting vulnerability in Clip-Bucket Clipbucket
Cross-site scripting (XSS) vulnerability in ClipBucket before 2.8.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 		4.3
4.3
2015-02-27 CVE-2015-2102 SQL Injection vulnerability in Clip-Bucket Clipbucket 2.7
SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrary SQL commands via the item parameter.
network
low complexity
clip-bucket CWE-89
7.5
7.5