Security Vulnerabilities, CVEs, Published In October 2019 (File inclusion) CVSS score >= 8
An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An attacker can send an HTTP request to trigger this vulnerability.
Max CVSS
10.0
EPSS Score
0.17%
Published
2019-10-31
Updated
2022-06-27
An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. When the "VideoTags" plugin is enabled, a specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An attacker can send an HTTP request to trigger this vulnerability.
Max CVSS
8.9
EPSS Score
0.15%
Published
2019-10-31
Updated
2022-06-27
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
Max CVSS
9.8
EPSS Score
3.45%
Published
2019-10-28
Updated
2019-10-29
3 vulnerabilities found