Vulnerabilities > Youphptube > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-11-02 CVE-2019-18662 SQL Injection vulnerability in Youphptube
An issue was discovered in YouPHPTube through 7.7.
network
low complexity
youphptube CWE-89
critical
 9.8
9.8
2019-10-31 CVE-2019-5151 SQL Injection vulnerability in Youphptube 7.7
An exploitable SQL injection vulnerability exist in YouPHPTube 7.7.
network
low complexity
youphptube CWE-89
critical
 9.8
9.8
2019-10-25 CVE-2019-5129 OS Command Injection vulnerability in Youphptube Encoder 2.3
A command injection have been found in YouPHPTube Encoder.
network
low complexity
youphptube CWE-78
critical
 9.8
9.8
2019-10-25 CVE-2019-5128 OS Command Injection vulnerability in Youphptube Encoder 2.3
A command injection have been found in YouPHPTube Encoder.
network
low complexity
youphptube CWE-78
critical
 9.8
9.8
2019-10-25 CVE-2019-5127 OS Command Injection vulnerability in Youphptube Encoder 2.3
A command injection have been found in YouPHPTube Encoder.
network
low complexity
youphptube CWE-78
critical
 9.8
9.8
2019-10-25 CVE-2019-5114 SQL Injection vulnerability in Youphptube 7.6
An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6.
network
low complexity
youphptube CWE-89
critical
 9.9
9.9
2019-09-09 CVE-2019-16124 Missing Authorization vulnerability in Youphptube
In YouPHPTube 7.4, the file install/checkConfiguration.php has no access control, which leads to everyone being able to edit the configuration file, and insert malicious PHP code.
network
low complexity
youphptube CWE-862
critical
 9.8
9.8