Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

clipbucket-v5 — Vulnerabilities & Security Advisories 22

All 22 CVE vulnerabilities found in clipbucket-v5, with AI-generated Chinese analysis, references, and POCs.

Vendor: MacWarrior

CVE IDTitleCVSSSeverityPublished
CVE-2026-32321 ClipBucket v5 has time-based Blind SQL Injection in ajax.php that leads to Data Exfiltration CWE-89 8.8 High2026-03-18
CVE-2026-28354 ClipBucket v5 has IDOR in Collection Item Management CWE-639 4.3 -2026-02-27
CVE-2026-26997 ClipBucket v5 has Stored XSS via Collection name CWE-79 5.4 -2026-02-27
CVE-2026-26005 ClipBucket v5 enables internal network scans via an SSRF vulnerability CWE-918 5.0 Medium2026-02-12
CVE-2026-25728 ClipBucket v5 Affected by Remote Code Execution via Avatar/Background File Upload Race Condition CWE-367 8.1AIHighAI2026-02-10
CVE-2026-21875 ClipBucket v5 Vulnerable to Blind SQL Injection through Channel Comments CWE-89 9.8 Critical2026-01-07
CVE-2025-64338 ClipBucket's Manage Photos Feature is Vulnerable to Stored XSS via Collection Name CWE-79--2025-12-15
CVE-2025-65113 ClipBucket v5 Unauthenticated Object Flagging Vulnerability CWE-770 6.5 Medium2025-11-29
CVE-2025-62709 ClipBucket v5 is vulnerable to password reset link manipulation CWE-640 6.8 Medium2025-11-20
CVE-2025-64339 ClipBucket v5: Stored XSS Vulnerability in Manage Playlists CWE-79 5.4 -2025-11-07
CVE-2025-64336 ClipBucket v5's Manage Photo Feature is Vulnerable to Stored XSS Attack via Photo Title CWE-79 5.4 -2025-11-07
CVE-2025-64114 ClipBucket v5: SQL Injection possible through ClipBucket Custom Fields plugin CWE-89 6.5 Medium2025-11-05
CVE-2025-62715 ClipBucket v5: Stored XSS via Collection Tags CWE-79 5.4AIMediumAI2025-11-04
CVE-2025-62429 ClipBucket v5 executes arbitrary PHP code CWE-94 7.2 High2025-10-20
CVE-2025-62430 ClipBucket v5 stored XSS via video/photo fields CWE-79 5.4 Medium2025-10-17
CVE-2025-62424 ClipBucket path traversal vulnerability in template editor allows arbitrary file read and write CWE-22 6.7 Medium2025-10-17
CVE-2025-62423 ClipBucket V5 Blind SQL injection in the Admin Panel CWE-89 6.7 Medium2025-10-16
CVE-2025-21624 ClipBucket V5 Playlist Cover File Upload to Remote Code Execution CWE-434 9.8 Critical2025-01-07
CVE-2025-21623 ClipBucket V5 Unauthenticated Template Directory Update to Denial-of-Service CWE-22 7.5 High2025-01-07
CVE-2025-21622 ClipBucket V5 Avatar URL Path Traversal to Arbitrary File Delete CWE-22 7.5 High2025-01-07
CVE-2024-54135 Untrusted Deserialization in ClipBucket-v5 Version 2.0 to 5.5.1 Revision 199 CWE-502 9.8 Critical2024-12-06
CVE-2024-54136 Untrusted Deserialization in ClipBucket-v5 Version 5.5.1 Revision 199 and Below CWE-502 9.8 Critical2024-12-06

All 22 known CVE vulnerabilities affecting clipbucket-v5 with full Chinese analysis, references, and POCs where available.