Vulnerabilities > Youphptube > Youphptube > 7.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-01 | CVE-2021-25874 | SQL Injection vulnerability in Youphptube AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL Injection SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases information such as application passwords hashes. | 7.5 |
2021-11-01 | CVE-2021-25875 | Cross-site Scripting vulnerability in Youphptube AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the searchPhrase parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator. | 6.1 |
2021-11-01 | CVE-2021-25876 | Cross-site Scripting vulnerability in Youphptube AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the u parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator. | 6.1 |
2021-11-01 | CVE-2021-25877 | Code Injection vulnerability in Youphptube AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. | 7.2 |
2021-11-01 | CVE-2021-25878 | Cross-site Scripting vulnerability in Youphptube AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator. | 6.1 |
2019-11-02 | CVE-2019-18662 | SQL Injection vulnerability in Youphptube An issue was discovered in YouPHPTube through 7.7. | 7.5 |
2019-10-25 | CVE-2019-5123 | SQL Injection vulnerability in Youphptube 7.6 Specially crafted web requests can cause SQL injections in YouPHPTube 7.6. | 6.5 |
2019-10-25 | CVE-2019-5122 | SQL Injection vulnerability in Youphptube 7.6 SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. | 6.5 |
2019-10-25 | CVE-2019-5121 | SQL Injection vulnerability in Youphptube 7.6 SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. | 6.5 |
2019-10-25 | CVE-2019-5120 | SQL Injection vulnerability in Youphptube 7.6 An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. | 6.5 |