CVE Tools

youphptube

Web & CMS PluginsCNoss-project

18

Cumulative CVEs

2

Monthly snapshots

#42

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting youphptube.

CVE-2021-47750YouPHPTube <= 7.8 - Cross-Site Scripting6.1Jan 13, 2026
CVE-2021-47749YouPHPTube <= 7.8 - Directory Traversal5.5Jan 13, 2026
CVE-2021-25878AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session...6.1Nov 1, 2021
CVE-2021-25877AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php.7.2Nov 1, 2021
CVE-2021-25876AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the u parameter which allows a remote attacker to steal administrators' session cookies or perform...6.1Nov 1, 2021
CVE-2021-25875AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the searchPhrase parameter which allows a remote attacker to steal administrator...6.1Nov 1, 2021
CVE-2021-25874AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL Injection SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases informa...7.5Nov 1, 2021
CVE-2019-18662An issue was discovered in YouPHPTube through 7.7. User input passed through the live_stream_code POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized (in getFromChat in pl...9.8Nov 2, 2019
CVE-2019-5151An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration o...10.0Oct 31, 2019
CVE-2019-5150An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. When the "VideoTags" plugin is enabled, a specially crafted unauthenticated HTTP request can cause a SQL injection, possibly lead...8.9Oct 31, 2019
CVE-2019-5119An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parame...8.8Oct 25, 2019
CVE-2019-5120An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with param...8.8Oct 25, 2019
CVE-2019-5114An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with pa...9.9Oct 25, 2019
CVE-2019-5123Specially crafted web requests can cause SQL injections in YouPHPTube 7.6. An attacker can send a web request with Parameter dir in /objects/pluginSwitch.json.php.8.8Oct 25, 2019
CVE-2019-5122SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with Parameter name in ...8.8Oct 25, 2019