Security Advisory

CVE-2019-5127

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-10-25 17:12:28

Last updated 2024-08-04 19:47:56

Assigner talos

State PUBLISHED

Description

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in /objects/getImage.php is vulnerable to a command injection attack.

← Browse all CVEs View on cve.org ↗