Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| readymade_video_sharing_script_project | readymade_video_sharing_script | 3.2 |
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| readymade_video_sharing_script_project | readymade_video_sharing_script | 3.2 |
Readymade Video Sharing Script has CSRF via user-profile-edit.php.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| readymade_video_sharing_script_project | readymade_video_sharing_script | 3.2 |
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| readymade_video_sharing_script_project | readymade_video_sharing_script | 3.2 |
Readymade Video Sharing Script has XSS via the search_video.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| readymade_video_sharing_script_project | readymade_video_sharing_script | 3.2 |