Vulnerabilities > Youphptube > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-01 CVE-2021-25875 Cross-site Scripting vulnerability in Youphptube
AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the searchPhrase parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator.
network
low complexity
youphptube CWE-79
6.1
6.1
2021-11-01 CVE-2021-25876 Cross-site Scripting vulnerability in Youphptube
AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the u parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator.
network
low complexity
youphptube CWE-79
6.1
6.1
2021-11-01 CVE-2021-25878 Cross-site Scripting vulnerability in Youphptube
AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator.
network
low complexity
youphptube CWE-79
6.1
6.1
2019-10-31 CVE-2019-5150 SQL Injection vulnerability in Youphptube 7.7
An exploitable SQL injection vulnerability exist in YouPHPTube 7.7.
network
youphptube CWE-89
6.8
6.8
2019-10-25 CVE-2019-5123 SQL Injection vulnerability in Youphptube 7.6
Specially crafted web requests can cause SQL injections in YouPHPTube 7.6.
network
low complexity
youphptube CWE-89
6.5
6.5
2019-10-25 CVE-2019-5122 SQL Injection vulnerability in Youphptube 7.6
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6.
network
low complexity
youphptube CWE-89
6.5
6.5
2019-10-25 CVE-2019-5121 SQL Injection vulnerability in Youphptube 7.6
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6.
network
low complexity
youphptube CWE-89
6.5
6.5
2019-10-25 CVE-2019-5120 SQL Injection vulnerability in Youphptube 7.6
An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6.
network
low complexity
youphptube CWE-89
6.5
6.5
2019-10-25 CVE-2019-5119 SQL Injection vulnerability in Youphptube 7.6
An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6.
network
low complexity
youphptube CWE-89
6.5
6.5
2019-10-25 CVE-2019-5117 SQL Injection vulnerability in Youphptube 7.6
Exploitable SQL injection vulnerabilities exists in the authenticated portion of YouPHPTube 7.6.
network
low complexity
youphptube CWE-89
6.5
6.5