Vulnerabilities > Clip Bucket > Clipbucket > 2.8.1

DATE CVE VULNERABILITY TITLE RISK
2018-03-05 CVE-2018-7666 SQL Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-89
critical
 9.8
9.8
2018-03-05 CVE-2018-7665 Unrestricted Upload of File with Dangerous Type vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-434
critical
 9.8
9.8
2018-03-05 CVE-2018-7664 OS Command Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-78
critical
 9.8
9.8
2017-04-06 CVE-2016-1000307 Cross-site Scripting vulnerability in Clip-Bucket Clipbucket
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occupation, companies, hobbies, fav_movies, fav_music, fav_books parameters to ProfileSettings page; (2) note parameter to PersonalNotes Section; (3) closed_msg, description, allowed_types parameters to WebsiteConfigurations Section.
network
low complexity
clip-bucket CWE-79
6.1
6.1
2016-09-02 CVE-2016-4848 Cross-site Scripting vulnerability in Clip-Bucket Clipbucket
Cross-site scripting (XSS) vulnerability in ClipBucket before 2.8.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
clip-bucket CWE-79
6.1
6.1