Oxygenz

Clipbucket

24 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-64336

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.11.2025 04:32:10
  • Zuletzt bearbeitet 05.12.2025 20:57:33

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-#146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting (XSS). An authenticated regular user can upload a photo with a malicious Photo Title cont...

6.5

CVE-2025-64114

Exploit
  • EPSS 0.07%
  • Veröffentlicht 05.11.2025 23:30:59
  • Zuletzt bearbeitet 10.11.2025 17:26:24

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - #151 and below allow authenticated administrators with plugin management privileges to execute arbitrary SQL commands against the database through its ClipBucket Custom Fields p...

5.4

CVE-2025-62715

Exploit
  • EPSS 0.05%
  • Veröffentlicht 04.11.2025 21:37:32
  • Zuletzt bearbeitet 10.11.2025 19:58:06

ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-#147 and below contain a stored Cross-Site Scripting (XSS) vulnerability in ClipBucket’s Collection tags feature. An authenticated normal user can create a tag containing HTML or ...

7.2

CVE-2025-62429

Exploit
  • EPSS 0.19%
  • Veröffentlicht 20.10.2025 16:08:02
  • Zuletzt bearbeitet 10.11.2025 19:58:23

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 #147, ClipBucket v5 is vulnerable to arbitrary PHP code execution. In /upload/admin_area/actions/update_launch.php, the "type" parameter from a POST request is embedded in...

5.4

CVE-2025-62430

Exploit
  • EPSS 0.05%
  • Veröffentlicht 17.10.2025 17:50:23
  • Zuletzt bearbeitet 10.11.2025 19:58:19

ClipBucket v5 is an open source video sharing platform. ClipBucket v5 through build 5.5.2 #145 allows stored cross-site scripting (XSS) in multiple video and photo metadata fields. For videos the Tags field and the Genre, Actors, Producer, Executive ...

6.5

CVE-2025-62424

Exploit
  • EPSS 0.06%
  • Veröffentlicht 17.10.2025 17:23:27
  • Zuletzt bearbeitet 10.11.2025 19:58:14

ClipBucket is a web-based video-sharing platform. In ClipBucket version 5.5.2 - #146 and earlier, the /admin_area/template_editor.php endpoint is vulnerable to path traversal. The validation of the file-loading path is inadequate, allowing authentica...

7.2

CVE-2025-62423

Exploit
  • EPSS 0.06%
  • Veröffentlicht 16.10.2025 18:40:44
  • Zuletzt bearbeitet 10.11.2025 19:58:10

ClipBucket V5 provides open source video hosting with PHP. In version5.5.2 - #140 and earlier, a Blind SQL injection vulnerability exists in the Admin Area’s “/admin_area/login_as_user.php” file. Exploiting this vulnerability requires access privileg...

7.3

CVE-2025-55912

Exploit
  • EPSS 4.06%
  • Veröffentlicht 18.09.2025 00:00:00
  • Zuletzt bearbeitet 31.10.2025 17:14:53

An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photo_uploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler

6.5

CVE-2025-55911

Exploit
  • EPSS 1.36%
  • Veröffentlicht 18.09.2025 00:00:00
  • Zuletzt bearbeitet 31.10.2025 17:13:54

An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the file_downloader.php and the file parameter

9.8

CVE-2025-21624

Exploit
  • EPSS 25.24%
  • Veröffentlicht 07.01.2025 16:15:40
  • Zuletzt bearbeitet 05.09.2025 16:28:26

ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without prop...