CNNVD-202511-471 Information
CNNVD ID
CNNVD-202511-471
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
ClipBucket是MacWarrior开源的一个开源且可免费下载的 PHP 脚本。用于共享视频网站。 ClipBucket v5 5.5.2版本至151版本及之前版本存在SQL注入漏洞,该漏洞源于具有插件管理权限的认证管理员可通过Custom Fields插件执行任意SQL命令。
Description (English)
ClipBucket is an open-source, free-of-charge PHP script for MacWarrior. For sharing video sites. ClipBucket v.5.5.2 to 151 and previous versions have an injection loophole in SQL, which results from the fact that a certifier with plugin management authority can execute any SQL order through the Custom Fields plugin.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
MacWarrior
Published
2025-11-06
Last Modified
2026-02-24
References
https://github.com/MacWarrior/clipbucket-v5/releases/tag/5.5.2-%23152 https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-4g7x-j562-8g69 https://github.com/MacWarrior/clipbucket-v5/commit/b7289923177fe533ae908654ee3cd65b63ffb008 https://access.redhat.com/security/cve/cve-2025-64114
Patch
https://github.com/MacWarrior/clipbucket-v5/releases
Share on: