CVE-2026-33485 | WWBN AVideo up to 26.0 on_publish.php keyExists Name sql injection

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability identified as critical has been detected in WWBN AVideo up to 26.0. Affected by this issue is the function LiveTransmitionHistory::getLatest/LiveTransmition::keyExists of the file plugin/Live/on_publish.php. The manipulation of the argument Name leads to sql injection.

This vulnerability is traded as CVE-2026-33485. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to install a patch to address this issue.

CVE-2026-33485 | WWBN AVideo up to 26.0 on_publish.php keyExists Name sql injection

Post correlati

CVE-2024-36413 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 cross site scripting (GHSA-ph2c-hvvf-r273)

CVE-2025-4263 | PHPGurukul Online DJ Booking Management System 1.0 booking-search.php searchdata sql injection

CVE-2025-33246 | NVIDIA NeMo Framework command injection

CVE-2024-8357 | Visteon Infotainment Local Privilege Escalation (ZDI-24-1189)