CVE-2026-33867 in WWBN AVideo정보

요약 (영어)

WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo allows content owners to password-protect individual videos. The video password is stored in the database in plaintext — no hashing, salting, or encryption is applied. If an attacker gains read access to the database (via SQL injection, a database backup, or misconfigured access controls), they obtain all video passwords in cleartext. Commit f2d68d2adbf73588ea61be2b781d93120a819e36 contains a patch.

책임이 있는

GitHub_M

예약하다

2026. 03. 24.

공개

2026. 03. 27.

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
353992	WWBN AVideo Database 약한 암호화	312	정의되지 않음	공식 수정	CVE-2026-33867

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

◂ 이전개요다음 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!