Search
Search Results (12 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25728 | 2 Macwarrior, Oxygenz | 2 Clipbucket-v5, Clipbucket | 2026-02-18 | 7.5 High |
| ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability exists in ClipBucket's avatar and background image upload functionality. The application moves uploaded files to a web-accessible location before validating them, creating a window where an attacker can execute arbitrary PHP code before the file is deleted. The uploaded file was moved to a web-accessible path via move_uploaded_file(), then validated via ValidateImage(). If validation failed, the file was deleted via @unlink(). This vulnerability is fixed in 5.5.3 - #40. | ||||
| CVE-2026-26005 | 2 Macwarrior, Oxygenz | 2 Clipbucket-v5, Clipbucket | 2026-02-18 | 5 Medium |
| ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SSRF can be triggered, causing GET requests to be sent to internal servers. An attacker can exploit this to scan the internal network. Even a regular (non-privileged) user can carry out the attack. | ||||
| CVE-2026-21875 | 2 Clipbucket, Oxygenz | 2 Clipbucket, Clipbucket | 2026-01-27 | 9.8 Critical |
| ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-#187 and below allow an attacker to perform Blind SQL Injection through the add comment section within a channel. When adding a comment within a channel, there is a POST request to the /actions/ajax.php endpoint. The obj_id parameter within the POST request to /actions/ajax.php is then used within the user_exists function of the upload/includes/classes/user.class. php file as the $id parameter. It is then used within the count function of the upload/includes/classes/db.class. php file. The $id parameter is concatenated into the query without validation or sanitization, and a user-supplied input like 1' or 1=1-- - can be used to trigger the injection. This issue does not have a fix at the time of publication. | ||||
| CVE-2025-64338 | 2 Clipbucket, Oxygenz | 2 Clipbucket, Clipbucket | 2025-12-31 | 9.0 Critical |
| ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - #156 and below, an authenticated regular user can create a photo collection whose Collection Name contains HTML/JavaScript payloads, which making ClipBucket’s Manage Photos feature vulnerable to Stored XSS. The payload is rendered unsafely in the Admin → Manage Photos interface, causing it to execute in the administrator’s browser, therefore allowing an attacker to target administrators and perform actions with elevated privileges. This issue is fixed in version 5.5.2 - #157. | ||||
| CVE-2025-62429 | 2 Clip-bucket, Oxygenz | 2 Clipbucket, Clipbucket | 2025-11-10 | 7.2 High |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 #147, ClipBucket v5 is vulnerable to arbitrary PHP code execution. In /upload/admin_area/actions/update_launch.php, the "type" parameter from a POST request is embedded into PHP tags and executed. Proper sanitization is not performed, and by injecting malicious code an attacker can execute arbitrary PHP code. This allows an attacker to achieve RCE. This issue has been resolved in version 5.5.2 #147. | ||||
| CVE-2025-55912 | 2 Clip-bucket, Oxygenz | 2 Clipbucket, Clipbucket | 2025-10-31 | 7.3 High |
| An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photo_uploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler | ||||
| CVE-2025-55911 | 2 Clip-bucket, Oxygenz | 2 Clipbucket, Clipbucket | 2025-10-31 | 6.5 Medium |
| An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the file_downloader.php and the file parameter | ||||
| CVE-2024-54135 | 2 Clipbucket, Oxygenz | 2 Clickbucket, Clipbucket | 2025-09-22 | 9.8 Critical |
| ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/photo_upload.php within the decode_key function. User inputs were supplied to this function without sanitization via collection GET parameter and photoIDS POST parameter respectively. The decode_key function invokes PHP unserialize function as defined in upload/includes/classes/photos.class.php. As a result, it is possible for an adversary to inject maliciously crafted PHP serialized object and utilize gadget chains to cause unexpected behaviors of the application. This vulnerability is fixed in 5.5.1 Revision 200. | ||||
| CVE-2024-54136 | 2 Clipbucket, Oxygenz | 2 Clickbucket, Clipbucket | 2025-09-22 | 9.8 Critical |
| ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 5.5.1 Revision 199 and below is vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/upload.php where the user supplied input via collection get parameter is directly provided to unserialize function. As a result, it is possible for an adversary to inject maliciously crafted PHP serialized object and utilize gadget chains to cause unexpected behaviors of the application. This vulnerability is fixed in 5.5.1 Revision 200. | ||||
| CVE-2025-21623 | 1 Oxygenz | 1 Clipbucket | 2025-09-05 | 7.5 High |
| ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to change the template directory via a directory traversal, which results in a denial of service. | ||||
| CVE-2025-21624 | 1 Oxygenz | 1 Clipbucket | 2025-09-05 | 9.8 Critical |
| ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script file instead of an image file, thus allowing a webshell or other malicious files to be stored and executed on the server. This attack vector exists in both the admin area and low-level user area. This vulnerability is fixed in 5.5.1 - 239. | ||||
| CVE-2025-21622 | 1 Oxygenz | 1 Clipbucket | 2025-09-05 | 7.5 High |
| ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and change their avatar at any time. During deletion, ClipBucket checks for the avatar_url as a filepath within the avatars subdirectory. If the URL path exists within the avatars directory, ClipBucket will delete it. There is no check for path traversal sequences in the provided user input (stored in the DB as avatar_url) therefore the final $file variable could be tainted with path traversal sequences. This leads to file deletion outside of the intended scope of the avatars folder. This vulnerability is fixed in 5.5.1 - 237. | ||||
Page 1 of 1.