CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Youphptube: Security Vulnerabilities

CVE-2019-5129

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in /objects/getSpiritsFromVideo.php is vulnerable to a command injection attack.

CVSS Score

10.0

EPSS Score

0.931

Published

2019-10-25

CVE-2019-16124

In YouPHPTube 7.4, the file install/checkConfiguration.php has no access control, which leads to everyone being able to edit the configuration file, and insert malicious PHP code.

CVSS Score

9.8

EPSS Score

0.021

Published

2019-09-09

CVE-2019-14430

plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows SQL Injection.

CVSS Score

5.3

EPSS Score

0.015

Published

2019-08-20

Page 3

Vulnerabilities

Vulnerable Software

Youphptube: Security Vulnerabilities

Products

Pricing

Contact Us