CNNVD-202602-1478 Information

CNNVD ID

CNNVD-202602-1478

Related CVE

CVE-2026-25728

• CNNVD Published: 2026-02-10

Description (Chinese)

ClipBucket是MacWarrior开源的一个开源且可免费下载的 PHP 脚本。用于共享视频网站。 ClipBucket 5.5.3 - #40之前版本存在安全漏洞，该漏洞源于头像和背景图片上传功能存在竞争条件，可能导致执行任意PHP代码。

Description (English)

ClipBucket is an open-source, free-of-charge PHP script for MacWarrior. For sharing video sites. ClipBucket 5.5.3 - #40 has a security loophole, which stems from competitive conditions for head and background image uploads, which may lead to the enforcement of any PHP code.

Vulnerability Type

其他

Affected Vendor

MacWarrior

Published

2026-02-10

Last Modified

2026-02-24

References

https://github.com/MacWarrior/clipbucket-v5/commit/09536e6e2ca6d69a2ee83190b588c0b8116dd16d https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-xq7c-m5r2-9wqj https://access.redhat.com/security/cve/cve-2026-25728

Patch

https://github.com/MacWarrior/clipbucket-v5/releases