CyberSec.Space Logo
Back to CVE Browser

CVE-2019-5151

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1370%
EPSS Percentile3.04th
PublishedOct 31, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An attacker can send an HTTP request to trigger this vulnerability.

Affected Platforms (CPE)

📦
Youphptube

Youphptube

= 7.7

References & Advisories

🔗 https://talosintelligence.com/vulnerability_reports/TALOS-2019-0941
🔗 https://talosintelligence.com/vulnerability_reports/TALOS-2019-0941

Related Vulnerabilities

CVE-2019-51149.9

An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests c...

CVE-2019-51279.8

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. E...

CVE-2019-161249.8

In YouPHPTube 7.4, the file install/checkConfiguration.php has no access control, which leads to everyone being able to edit the c...

CVE-2019-51289.8

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. E...