Search
Search Results (11 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-47238 | 1 Macwarrior | 1 Clipbucket-v5 | 2026-06-13 | 6.5 Medium |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #133, a normal authenticated user can edit another user's video subtitles because of a lack of authorization. They can upload subtitles, edit their name or delete them. This issue has been patched in version 5.5.3 - #133. | ||||
| CVE-2026-45418 | 1 Macwarrior | 1 Clipbucket-v5 | 2026-06-12 | 8.8 High |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #132, any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST /actions/subtitle_edit.php request used to change their title includes a number parameter which is vulnerable to SQL Injection. A boolean-based blind SQL injection can be used to exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #132. | ||||
| CVE-2026-49482 | 1 Macwarrior | 1 Clipbucket-v5 | 2026-06-12 | 4.3 Medium |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #141, ClipBucket v5 contains an improper neutralization of SQL wildcard characters in the subtitle editing endpoint. An authenticated user can send a % character as the number parameter to overwrite all subtitle titles of any video they own in a single HTTP request. This issue has been patched in version 5.5.3 - #141. | ||||
| CVE-2026-45060 | 1 Macwarrior | 1 Clipbucket-v5 | 2026-06-12 | 9.8 Critical |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the actions/progress_video.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #129. | ||||
| CVE-2026-42846 | 1 Macwarrior | 1 Clipbucket-v5 | 2026-06-12 | 9.8 Critical |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly into shell commands without escaping then executed, so any shell metacharacter in the URL is interpreted. This results in arbitrary command execution. This issue has been patched in version 5.5.3 - #140. | ||||
| CVE-2026-42847 | 1 Macwarrior | 1 Clipbucket-v5 | 2026-05-16 | N/A |
| ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #122, there is a critical SQL Injection (SQLi) vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint admin_area/action_logs.php. The endpoint admin_area/action_logs.php reads $_GET['type'], stores it in $result_array['type'], and forwards it into fetch_action_logs(), where the value is concatenated directly into a SQL WHERE condition on action_type without parameterization. This allows UNION-based SQL injection and direct data exfiltration from the database. This vulnerability is fixed in 5.5.3 - #122. | ||||
| CVE-2026-25728 | 2 Macwarrior, Oxygenz | 2 Clipbucket-v5, Clipbucket | 2026-04-17 | 7.5 High |
| ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability exists in ClipBucket's avatar and background image upload functionality. The application moves uploaded files to a web-accessible location before validating them, creating a window where an attacker can execute arbitrary PHP code before the file is deleted. The uploaded file was moved to a web-accessible path via move_uploaded_file(), then validated via ValidateImage(). If validation failed, the file was deleted via @unlink(). This vulnerability is fixed in 5.5.3 - #40. | ||||
| CVE-2026-26005 | 2 Macwarrior, Oxygenz | 2 Clipbucket-v5, Clipbucket | 2026-04-17 | 5 Medium |
| ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SSRF can be triggered, causing GET requests to be sent to internal servers. An attacker can exploit this to scan the internal network. Even a regular (non-privileged) user can carry out the attack. | ||||
| CVE-2026-26997 | 2 Macwarrior, Oxygenz | 2 Clipbucket-v5, Clipbucket | 2026-04-16 | 5.4 Medium |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, a normal authenticated user can store the XSS payload. The payload is triggered by administrator. Version 5.5.3 #59 fixes the issue. | ||||
| CVE-2026-28354 | 2 Macwarrior, Oxygenz | 2 Clipbucket-v5, Clipbucket | 2026-04-16 | 6.5 Medium |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item (/actions/add_to_collection.php) due to missing authorization checks and delete item (/manage_collections.php?mode=manage_items...) due to a broken ownership check in removeItemFromCollection(). As a result, attackers can insert and remove items from collections they do not own. Version 5.5.3 #59 fixes the issue. | ||||
| CVE-2026-32321 | 2 Macwarrior, Oxygenz | 2 Clipbucket-v5, Clipbucket | 2026-03-25 | 8.8 High |
| ClipBucket v5 is an open source video sharing platform. An authenticated time-based blind SQL injection vulnerability exists in ClipBucket prior to 5.5.3 #80 within the `actions/ajax.php` endpoint. Due to insufficient input sanitization of the `userid` parameter, an authenticated attacker can execute arbitrary SQL queries, leading to full database disclosure and potential administrative account takeover. Version 5.5.3 #80 fixes the issue. | ||||
Page 1 of 1.