RSS   Vulnerabilities for 'Clipshare'   RSS

2014-11-04
 
CVE-2014-8339

CWE-89
 

 
SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter.

 
2009-09-09
 
CVE-2008-7188

 

 
ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.

 
2009-02-19
 
CVE-2008-6173

 

 
Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.

 
2008-12-12
 
CVE-2008-5489

CWE-89
 

 
SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter.

 
2008-06-20
 
CVE-2008-2793

CWE-89
 

 
SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter.

 
2008-01-03
 
CVE-2008-0089

 

 
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.

 
2007-03-12
 
CVE-2007-1430

CWE-Other
 

 
PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allows remote attackers to execute arbitrary PHP code via a URL in the cmd parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top