Clipbucket V5
by Macwarrior
Source repositories
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-21623 | 0.00 | — | 0.01 | Jan 7, 2025 | ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to change the template directory via a directory traversal, which results in a denial of service. | |||
| CVE-2025-21622 | 0.00 | — | 0.01 | Jan 7, 2025 | ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and change their avatar at any time. During deletion, ClipBucket checks for the avatar_url as a filepath within the avatars subdirectory. If the URL… | |||
| CVE-2024-54135 | 0.00 | — | 0.01 | Dec 6, 2024 | ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/photo_upload.php within the decode_key function. User inputs were supplied… | |||
| CVE-2024-54136 | 0.00 | — | 0.01 | Dec 6, 2024 | ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 5.5.1 Revision 199 and below is vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/upload.php where the user supplied input via collection get parameter is directly… |
- CVE-2025-21623Jan 7, 2025risk 0.00cvss —epss 0.01
ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to change the template directory via a directory traversal, which results in a denial of service.
- CVE-2025-21622Jan 7, 2025risk 0.00cvss —epss 0.01
ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and change their avatar at any time. During deletion, ClipBucket checks for the avatar_url as a filepath within the avatars subdirectory. If the URL…
- CVE-2024-54135Dec 6, 2024risk 0.00cvss —epss 0.01
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/photo_upload.php within the decode_key function. User inputs were supplied…
- CVE-2024-54136Dec 6, 2024risk 0.00cvss —epss 0.01
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 5.5.1 Revision 199 and below is vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/upload.php where the user supplied input via collection get parameter is directly…
Page 2 of 2