Wwbn

Avideo

206 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-49863

Exploit
  • EPSS 1.07%
  • Veröffentlicht 10.01.2024 16:15:49
  • Zuletzt bearbeitet 04.11.2025 19:16:10

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is tr...

6.5

CVE-2023-49864

Exploit
  • EPSS 1.07%
  • Veröffentlicht 10.01.2024 16:15:49
  • Zuletzt bearbeitet 04.11.2025 19:16:10

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is tr...

5.3

CVE-2023-50172

Exploit
  • EPSS 0.83%
  • Veröffentlicht 10.01.2024 16:15:49
  • Zuletzt bearbeitet 04.11.2025 19:16:14

A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to the silent creation of a recovery pass code for ...

8.8

CVE-2023-49589

Exploit
  • EPSS 0.95%
  • Veröffentlicht 10.01.2024 16:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:09

An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to an arbitrary user password recovery. An attacker ca...

9.8

CVE-2023-49599

Exploit
  • EPSS 0.96%
  • Veröffentlicht 10.01.2024 16:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:09

An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via...

8.8

CVE-2023-49715

Exploit
  • EPSS 1.37%
  • Veröffentlicht 10.01.2024 16:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:09

A unrestricted php file upload vulnerability exists in the import.json.php temporary copy functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary code execution when chained with an LFI vulner...

7.5

CVE-2023-49738

Exploit
  • EPSS 1.32%
  • Veröffentlicht 10.01.2024 16:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:09

An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.

6.5

CVE-2023-49810

Exploit
  • EPSS 0.67%
  • Veröffentlicht 10.01.2024 16:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:09

A login attempt restriction bypass vulnerability exists in the checkLoginAttempts functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to captcha bypass, which can be abused by an attacker to brute forc...

6.5

CVE-2023-49862

Exploit
  • EPSS 1.07%
  • Veröffentlicht 10.01.2024 16:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:10

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is tr...

6.5

CVE-2023-47171

Exploit
  • EPSS 1.07%
  • Veröffentlicht 10.01.2024 16:15:47
  • Zuletzt bearbeitet 04.11.2025 19:16:05

An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.