All 3 CVE vulnerabilities found in AVideo-Encoder, with AI-generated Chinese analysis, references, and POCs.
Vendor: WWBN
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33025 | AVideo-Encoder is Vulnerable to Authenticated SQL Injection via ORDER BY Clause CWE-89 | 9.8 | - | 2026-03-20 |
| CVE-2026-33024 | AVideo-Encoder has Unauthenticated Blind Server-Side Request Forgery via Public Thumbnail Generator CWE-918 | 9.8 | - | 2026-03-20 |
| CVE-2026-29058 | AVideo: Unauthenticated OS Command Injection via base64Url in objects/getImage.php CWE-78 | 9.8 | Critical | 2026-03-06 |
All 3 known CVE vulnerabilities affecting AVideo-Encoder with full Chinese analysis, references, and POCs where available.