CNNVD-202507-3906 Information

CNNVD ID

CNNVD-202507-3906

Related CVE

CVE-2013-10040

• CNNVD Published: 2025-07-31

Description (Chinese)

ClipBucket是MacWarrior开源的一个开源且可免费下载的 PHP 脚本。用于共享视频网站。 ClipBucket 2.6及之前版本存在安全漏洞，该漏洞源于ofc_upload_image.php端点未经验证，可能导致任意文件上传和远程代码执行。

Description (English)

ClipBucket is an open-source, free-of-charge PHP script for MacWarrior. For sharing video sites. ClipBucket 2.6 and previous versions have a security loophole, which originates from the unverified infofc upload image.php endpoint, which may lead to any document uploading and remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

MacWarrior

Published

2025-07-31

Last Modified

2026-02-24

References

https://clipbucket.com/ https://github.com/arslancb/clipbucket https://packetstorm.news/files/id/123480 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/clipbucket_upload_exec.rb https://www.vulncheck.com/advisories/clipbucket-arbitrary-file-upload-rce