SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter uuid in /objects/pluginSwitch.json.php
CPE | Name | Operator | Version |
---|---|---|---|
youphptube | eq | 7.2 | |
youphptube | eq | 7.3 | |
youphptube | eq | 2.2 | |
youphptube | eq | 2.4 | |
youphptube | eq | 7.4 | |
youphptube | eq | 5.0 | |
youphptube | eq | 2.7 | |
youphptube | eq | 7.5 | |
youphptube | eq | 3.4 | |
youphptube | eq | 4.0.1 |