Vulnerabilities > Wwbn

DATE CVE VULNERABILITY TITLE RISK
2022-08-22 CVE-2022-28710 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo 11.6
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-610
6.5
6.5
2022-08-22 CVE-2022-28712 Cross-site Scripting vulnerability in Wwbn Avideo 11.6
A cross-site scripting (xss) vulnerability exists in the videoAddNew functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-79
critical
 9.0
9.0
2022-08-22 CVE-2022-29468 Cross-Site Request Forgery (CSRF) vulnerability in Wwbn Avideo 11.6
A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-352
8.8
8.8
2022-08-22 CVE-2022-30534 OS Command Injection vulnerability in Wwbn Avideo 11.6
An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-78
8.8
8.8
2022-08-22 CVE-2022-30547 Path Traversal vulnerability in Wwbn Avideo 11.6
A directory traversal vulnerability exists in the unzipDirectory functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-22
critical
 9.9
9.9
2022-08-22 CVE-2022-30605 Session Fixation vulnerability in Wwbn Avideo 11.6
A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-384
8.8
8.8
2022-08-22 CVE-2022-30690 Cross-site Scripting vulnerability in Wwbn Avideo 11.6
A cross-site scripting (xss) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-79
6.1
6.1
2022-08-22 CVE-2022-32282 Improper Authentication vulnerability in Wwbn Avideo 11.6
An improper password check exists in the login functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-287
8.8
8.8
2022-08-22 CVE-2022-32572 OS Command Injection vulnerability in Wwbn Avideo 11.6
An os command injection vulnerability exists in the aVideoEncoder wget functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-78
8.8
8.8
2022-08-22 CVE-2022-32761 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo 11.6
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364.
network
low complexity
wwbn CWE-610
6.5
6.5