CVE-2014-8339
- EPSS 0.43%
- Veröffentlicht 04.11.2014 15:55:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter.
CVE-2008-7188
- EPSS 3.63%
- Veröffentlicht 09.09.2009 17:30:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of ...
CVE-2008-6173
- EPSS 0.2%
- Veröffentlicht 19.02.2009 16:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
CVE-2008-5489
- EPSS 1.31%
- Veröffentlicht 12.12.2008 16:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter.
CVE-2008-2793
- EPSS 0.41%
- Veröffentlicht 20.06.2008 11:48:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
CVE-2008-0089
- EPSS 0.62%
- Veröffentlicht 04.01.2008 01:46:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.
CVE-2007-1430
- EPSS 1.68%
- Veröffentlicht 13.03.2007 01:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allows remote attackers to execute arbitrary PHP code via a URL in the cmd parameter.