CNNVD-202510-2290 Information
CNNVD ID
CNNVD-202510-2290
Related CVE
- CNNVD Published: 2025-10-16
Description (Chinese)
ClipBucket是MacWarrior开源的一个开源且可免费下载的 PHP 脚本。用于共享视频网站。 ClipBucket V5.5.2版本及之前版本存在SQL注入漏洞,该漏洞源于文件/admin_area/login_as_user.php存在盲注SQL注入漏洞,可能导致SQL注入攻击。
Description (English)
ClipBucket is an open-source, free-of-charge PHP script for MacWarrior. For sharing video sites. CripBucket V5.5.2 and previous versions have an injection loophole in SQL, which stems from the blind note SQL in document/admin area/login as user.php, which could lead to an injection attack on SQL.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
MacWarrior
Published
2025-10-16
Last Modified
2026-02-24
References
https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-3wpr-jprj-52fc https://github.com/MacWarrior/clipbucket-v5/commit/b3bf27e367f318c2afe9bd11368be9d00e272148 https://access.redhat.com/security/cve/cve-2025-62423
Patch
https://github.com/MacWarrior/clipbucket-v5/releases
Share on: