Vulnerabilities > Wwbn > Avideo > 5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-32073 | Unspecified vulnerability in Wwbn Avideo WWBN AVideo is an open source video platform. | 8.8 |
| 2023-05-08 | CVE-2023-30860 | Unspecified vulnerability in Wwbn Avideo WWBN AVideo is an open source video platform. | 5.4 |
| 2023-04-28 | CVE-2023-30854 | Unspecified vulnerability in Wwbn Avideo AVideo is an open source video platform. | 8.8 |
| 2023-04-25 | CVE-2023-25313 | OS Command Injection vulnerability in Wwbn Avideo OS injection vulnerability in World Wide Broadcast Network AVideo version before 12.4, allows attackers to execute arbitrary code via the video link field to the Embed a video link feature. | 9.8 |
| 2023-04-25 | CVE-2023-25314 | Cross-site Scripting vulnerability in Wwbn Avideo Cross Site Scripting (XSS) vulnerability in World Wide Broadcast Network AVideo before 12.4, allows attackers to gain sensitive information via the success parameter to /user. | 6.1 |
| 2022-04-05 | CVE-2022-27462 | Cross-site Scripting vulnerability in Wwbn Avideo Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php. | 6.1 |
| 2022-04-05 | CVE-2022-27463 | Open Redirect vulnerability in Wwbn Avideo Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6, allows attackers to arbitrarily redirect users from a crafted url to the login page. | 6.1 |
| 2021-02-01 | CVE-2021-21286 | Unspecified vulnerability in Wwbn Avideo AVideo Platform is an open-source Audio and Video platform. | 8.8 |
| 2020-11-16 | CVE-2020-23490 | Unspecified vulnerability in Wwbn Avideo There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. | 7.5 |
| 2020-11-16 | CVE-2020-23489 | Missing Authorization vulnerability in Wwbn Avideo The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. | 8.8 |