2 results (0.001 seconds)

CVSS: 7.5EPSS: 78%CPEs: 1EXPL: 1

A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The identifier VDB-238577 was assigned to this vulnerability. • http://packetstormsecurity.com/files/174446/PlayTube-3.0.1-Information-Disclosure.html https://vuldb.com/?ctiid.238577 https://vuldb.com/?id.238577 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

PlayTube 1.8 allows disclosure of user details via ajax.php?type=../admin-panel/autoload&page=manage-users directory traversal, aka local file inclusion. PlayTube versión 1.8, permite una divulgación de los detalles del usuario por medio del salto de directorio de ajax.php?type=.. • https://blog.overfl0wed.com/web/lfi/info_disclosure/2020/03/30/PlayTube-LFI-to-Info-Disclosure-Writeup.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •