Security Vulnerabilities, CVEs, Published In October 2019 (File inclusion) CVSS score >= 8

CVE-2019-5151

An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An attacker can send an HTTP request to trigger this vulnerability.
Max CVSS
10.0
EPSS Score
0.17%
Published
2019-10-31
Updated
2022-06-27

CVE-2019-5150

An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. When the "VideoTags" plugin is enabled, a specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An attacker can send an HTTP request to trigger this vulnerability.
Max CVSS
8.9
EPSS Score
0.15%
Published
2019-10-31
Updated
2022-06-27

CVE-2010-4239

Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
Max CVSS
9.8
EPSS Score
3.45%
Published
2019-10-28
Updated
2019-10-29
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close