Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authorization Bypass in AVideo Platform
Vulnerability Description
AVideo Platform is an open-source Audio and Video platform. It is similar to a self-hosted YouTube. In AVideo Platform before version 10.2 there is an authorization bypass vulnerability which enables an ordinary user to get admin control. This is fixed in version 10.2. All queries now remove the pass hash and the recoverPass hash.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Wwbn Avideo 权限许可和访问控制问题漏洞
Vulnerability Description
Wwbn Avideo是Wwbn(WWBN)团队的一个由PHP编写的视频平台建站系统。 AVideo Platform 存在权限许可和访问控制问题漏洞,该漏洞源于一个授权绕过漏洞,可以让普通用户获得管理控制权。
CVSS Information
N/A
Vulnerability Type
N/A