Vulnerabilities (CVE)

Filtered by vendor Clip-share Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-8339 2 Clip-share, Nuevolab 2 Clipshare, Nuevoplayer 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter.
CVE-2008-5489 1 Clip-share 1 Clipshare 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter.
CVE-2008-6173 1 Clip-share 1 Clipshare 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
CVE-2008-7188 1 Clip-share 1 Clipshare 2024-02-04 7.5 HIGH N/A
ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.
CVE-2008-2793 1 Clip-share 1 Clipshare 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
CVE-2008-0089 1 Clip-share 1 Clipshare 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.
CVE-2007-1430 1 Clip-share 1 Clipshare 2024-02-04 7.5 HIGH N/A
PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allows remote attackers to execute arbitrary PHP code via a URL in the cmd parameter.