Filtered by vendor Cobub
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7746 | 1 Cobub | 1 Razor | 2021-09-09 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/manage/channel/modifychannel. For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin. | |||||
| CVE-2018-7745 | 1 Cobub | 1 Razor | 2021-09-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation. | |||||
| CVE-2018-7720 | 1 Cobub | 1 Razor | 2021-09-09 | 6.8 MEDIUM | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation. | |||||
| CVE-2019-10276 | 1 Cobub | 1 Razor | 2019-04-01 | 7.5 HIGH | 9.8 CRITICAL |
| Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type. | |||||
| CVE-2018-8056 | 1 Cobub | 1 Razor | 2019-03-08 | 5.0 MEDIUM | 7.5 HIGH |
| Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channel_name parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php. | |||||