Vulnerabilities > Wwbn > Avideo > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-22 CVE-2022-28710 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo 11.6
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-610
6.5
6.5
2022-08-22 CVE-2022-30690 Unspecified vulnerability in Wwbn Avideo 11.6
A cross-site scripting (xss) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn
6.1
6.1
2022-08-22 CVE-2022-32761 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo 11.6
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-610
6.5
6.5
2022-08-22 CVE-2022-32768 Unspecified vulnerability in Wwbn Avideo 11.6
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
high complexity
wwbn
4.2
4.2
2022-08-22 CVE-2022-32769 Unspecified vulnerability in Wwbn Avideo 11.6
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
high complexity
wwbn
5.0
5.0
2022-08-22 CVE-2022-32770 Cross-site Scripting vulnerability in Wwbn Avideo 11.6
A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-79
6.1
6.1
2022-08-22 CVE-2022-32771 Unspecified vulnerability in Wwbn Avideo 11.6
A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn
6.1
6.1
2022-08-22 CVE-2022-32772 Cross-site Scripting vulnerability in Wwbn Avideo 11.6
A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-79
6.1
6.1
2022-04-05 CVE-2022-27462 Cross-site Scripting vulnerability in Wwbn Avideo
Cross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php.
network
low complexity
wwbn CWE-79
6.1
6.1
2022-04-05 CVE-2022-27463 Open Redirect vulnerability in Wwbn Avideo
Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6, allows attackers to arbitrarily redirect users from a crafted url to the login page.
network
low complexity
wwbn CWE-601
6.1
6.1