Home/Product/oxygenz clipbucket
Product

oxygenz clipbucket

39 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-32321
>= 5.3 and < 5.5.3-80
ClipBucket v5 is an open source video sharing platform. An authenticated time-based blind SQL injection vulnerability exists in Cl
8.8HIGH
 CVE-2026-28354
>= 5.3 and < 5.5.3-59
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, collection item operations are vulnerable to a
6.5MEDIUM
 CVE-2026-26997
>= 5.3 and < 5.5.3-59
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, a normal authenticated user can store the XSS
5.4MEDIUM
 CVE-2026-26005
>= 5.3 and < 5.5.3-45
ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #45, in Clip Bucket V5, The Remote Play allows creating v
5.0MEDIUM
 CVE-2026-25728
>= 5.3 and < 5.5.3-40
ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) race conditi
7.5HIGH
 CVE-2026-21875
>= 5.3 and < 5.5.2-191
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-#187 and below allow an attacker to perform Blind SQL Injec
9.8CRITICAL
 CVE-2025-67418
>= 5.3 and <= 5.5.2
ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default a
9.8CRITICAL
 CVE-2025-65113
>= 5.3 and < 5.5.2-164
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 - #164, an authorization bypass vulnerability in th
6.5MEDIUM
 CVE-2025-62709
>= 5.3 and < 5.5.2-163
ClipBucket v5 is an open source video sharing platform. In ClipBucket version 5.5.2, a change to network.class.php causes the appl
6.8MEDIUM
 CVE-2025-64339
>= 5.3 and < 5.5.2-147
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-#146 and below, the Manage Playlists feature is vulnerab
5.4MEDIUM
 CVE-2025-64338
>= 5.3 and < 5.5.2-157
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - #156 and below, an authenticated regular user can crea
9.0CRITICAL
 CVE-2025-64336
>= 5.3 and < 5.5.2-147
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-#146 and below, the Manage Photos feature is vulnerable
5.4MEDIUM
 CVE-2025-64114
>= 5.3 and < 5.5.2-152
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 - #151 and below allow authenticated administrators with pl
6.5MEDIUM
 CVE-2025-62715
>= 5.3 and < 5.5.2-157
ClipBucket v5 is an open source video sharing platform. Versions 5.5.2-#147 and below contain a stored Cross-Site Scripting (XSS)
5.4MEDIUM
 CVE-2025-62429
>= 5.3 and < 5.5.2-147
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 #147, ClipBucket v5 is vulnerable to arbitrary PHP
7.2HIGH
 CVE-2025-62430
>= 5.3 and < 5.5.2-146
ClipBucket v5 is an open source video sharing platform. ClipBucket v5 through build 5.5.2 #145 allows stored cross-site scripting
5.4MEDIUM
 CVE-2025-62424
>= 5.3 and < 5.5.2-147
ClipBucket is a web-based video-sharing platform. In ClipBucket version 5.5.2 - #146 and earlier, the /admin_area/template_editor.
6.7MEDIUM
 CVE-2025-62423
>= 5.3 and < 5.5.2-142
ClipBucket V5 provides open source video hosting with PHP. In version5.5.2 - #140 and earlier, a Blind SQL injection vulnerability
6.7MEDIUM
 CVE-2025-55912
<= 5.5.0
An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photo_uplo
7.3HIGH
 CVE-2025-55911
< 5.5.2-90
An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the file_downloader.php and the file
6.5MEDIUM
 CVE-2013-10040
<= 2.6
ClipBucket version 2.6 and earlier contains a critical vulnerability in the ofc_upload_image.php script located at /admin_area/cha
9.8CRITICAL
 CVE-2025-21624
>= 5.3 and < 5.5.1-239
ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage
9.8CRITICAL
 CVE-2025-21623
>= 5.3 and < 5.5.1-238
ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to
7.5HIGH
 CVE-2025-21622
>= 5.3 and < 5.5.1-237
ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and
7.5HIGH
 CVE-2024-54136
>= 5.5.1-141 and < 5.5.1-200
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 5.5.1 Revision 199 and below is vulnerable to PHP
9.8CRITICAL
 CVE-2024-54135
>= 2.0 and < 5.5.1-200
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable
9.8CRITICAL
 CVE-2018-7666
<= 4.0.0
An issue was discovered in ClipBucket before 4.0.0 Release 4902. SQL injection vulnerabilities exist in the actions/vote_channel.p
9.8CRITICAL
 CVE-2018-7665
<= 4.0.0
An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to action
9.8CRITICAL
 CVE-2018-7664
<= 4.0.0
An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the f
9.8CRITICAL
 CVE-2016-1000307
<= 2.8.1
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbit
6.1MEDIUM
 CVE-2015-4673
all versions
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated users to inject arbitrary web
5.4MEDIUM
 CVE-2016-4848
<= 2.8.1
Cross-site scripting (XSS) vulnerability in ClipBucket before 2.8.1 RC2 allows remote attackers to inject arbitrary web script or
6.1MEDIUM
 CVE-2012-5849
<= 2.6
Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 and earlier allow remote attackers to execute arbitrary SQL
 CVE-2015-2102
all versions
SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrar
 CVE-2014-4187
all versions
Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote attackers to inject arbitrary web script or HTM
 CVE-2012-6644
all versions
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTM
 CVE-2012-6643
all versions
Multiple SQL injection vulnerabilities in the update_counter function in includes/functions.php in ClipBucket 2.6 allow remote att
 CVE-2012-6642
all versions
Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remote attackers to inject arbitrary web script or HTML via the
 CVE-2011-3717
all versions
ClipBucket 2.0.9 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the in
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh