CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-62709

ClipBucket v5 is an open source video sharing platform. In ClipBucket version 5.5.2, a change to network.class.php causes the application to dynamically build the server URL from the incoming HTTP Host header when the configuration base_url is not set. Because Host is a client-controlled header, an attacker can supply an arbitrary Host value. This allows an attacker to cause password-reset links (sent by forget.php) to be generated with the attacker’s domain. If a victim follows that link and enters their activation code on the attacker-controlled domain, the attacker can capture the code and use it to reset the victim’s password and take over the account. This issue has been patched in version 5.5.2#162.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.8%

CVSS Severity

CVSS v3 Score 6.8

References

Products affected by CVE-2025-62709

Oxygenz » Clipbucket » Version: 5.3

cpe:2.3:a:oxygenz:clipbucket:5.3
Oxygenz » Clipbucket » Version: 5.3.1

cpe:2.3:a:oxygenz:clipbucket:5.3.1
Oxygenz » Clipbucket » Version: 5.4.0

cpe:2.3:a:oxygenz:clipbucket:5.4.0
Oxygenz » Clipbucket » Version: 5.4.1

cpe:2.3:a:oxygenz:clipbucket:5.4.1
Oxygenz » Clipbucket » Version: 5.5.0

cpe:2.3:a:oxygenz:clipbucket:5.5.0
Oxygenz » Clipbucket » Version: 5.5.1

cpe:2.3:a:oxygenz:clipbucket:5.5.1
Oxygenz » Clipbucket » Version: 5.5.1-141

cpe:2.3:a:oxygenz:clipbucket:5.5.1-141
Oxygenz » Clipbucket » Version: 5.5.1-200

cpe:2.3:a:oxygenz:clipbucket:5.5.1-200
Oxygenz » Clipbucket » Version: 5.5.1-237

cpe:2.3:a:oxygenz:clipbucket:5.5.1-237
Oxygenz » Clipbucket » Version: 5.5.1-238

cpe:2.3:a:oxygenz:clipbucket:5.5.1-238
Oxygenz » Clipbucket » Version: 5.5.1-239

cpe:2.3:a:oxygenz:clipbucket:5.5.1-239
Oxygenz » Clipbucket » Version: 5.5.2-103

cpe:2.3:a:oxygenz:clipbucket:5.5.2-103
Oxygenz » Clipbucket » Version: 5.5.2-106

cpe:2.3:a:oxygenz:clipbucket:5.5.2-106
Oxygenz » Clipbucket » Version: 5.5.2-114

cpe:2.3:a:oxygenz:clipbucket:5.5.2-114
Oxygenz » Clipbucket » Version: 5.5.2-117

cpe:2.3:a:oxygenz:clipbucket:5.5.2-117
Oxygenz » Clipbucket » Version: 5.5.2-120

cpe:2.3:a:oxygenz:clipbucket:5.5.2-120
Oxygenz » Clipbucket » Version: 5.5.2-123

cpe:2.3:a:oxygenz:clipbucket:5.5.2-123
Oxygenz » Clipbucket » Version: 5.5.2-129

cpe:2.3:a:oxygenz:clipbucket:5.5.2-129
Oxygenz » Clipbucket » Version: 5.5.2-133

cpe:2.3:a:oxygenz:clipbucket:5.5.2-133
Oxygenz » Clipbucket » Version: 5.5.2-135

cpe:2.3:a:oxygenz:clipbucket:5.5.2-135
Oxygenz » Clipbucket » Version: 5.5.2-138

cpe:2.3:a:oxygenz:clipbucket:5.5.2-138
Oxygenz » Clipbucket » Version: 5.5.2-140

cpe:2.3:a:oxygenz:clipbucket:5.5.2-140
Oxygenz » Clipbucket » Version: 5.5.2-141

cpe:2.3:a:oxygenz:clipbucket:5.5.2-141
Oxygenz » Clipbucket » Version: 5.5.2-142

cpe:2.3:a:oxygenz:clipbucket:5.5.2-142
Oxygenz » Clipbucket » Version: 5.5.2-145

cpe:2.3:a:oxygenz:clipbucket:5.5.2-145
Oxygenz » Clipbucket » Version: 5.5.2-146

cpe:2.3:a:oxygenz:clipbucket:5.5.2-146
Oxygenz » Clipbucket » Version: 5.5.2-147

cpe:2.3:a:oxygenz:clipbucket:5.5.2-147
Oxygenz » Clipbucket » Version: 5.5.2-152

cpe:2.3:a:oxygenz:clipbucket:5.5.2-152
Oxygenz » Clipbucket » Version: 5.5.2-156

cpe:2.3:a:oxygenz:clipbucket:5.5.2-156
Oxygenz » Clipbucket » Version: 5.5.2-157

cpe:2.3:a:oxygenz:clipbucket:5.5.2-157
Oxygenz » Clipbucket » Version: 5.5.2-162

cpe:2.3:a:oxygenz:clipbucket:5.5.2-162
Oxygenz » Clipbucket » Version: 5.5.2-74

cpe:2.3:a:oxygenz:clipbucket:5.5.2-74
Oxygenz » Clipbucket » Version: 5.5.2-82

cpe:2.3:a:oxygenz:clipbucket:5.5.2-82
Oxygenz » Clipbucket » Version: 5.5.2-86

cpe:2.3:a:oxygenz:clipbucket:5.5.2-86
Oxygenz » Clipbucket » Version: 5.5.2-90

cpe:2.3:a:oxygenz:clipbucket:5.5.2-90
Oxygenz » Clipbucket » Version: 5.5.2-98

cpe:2.3:a:oxygenz:clipbucket:5.5.2-98

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-62709

Products

Pricing

Contact Us