📦 Php Melody

PHP Melody 3.0 contains a remote SQL injection vulnerability in the video edit module that allows authenticated attackers to execute arbitrary SQL commands. Attackers can exploit the unvalidated 'vid'...

PHP Melody 3.0 contains multiple non-persistent cross-site scripting vulnerabilities in categories, import, and user import files. Attackers can inject malicious scripts through unvalidated parameters...

PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the video editor's WYSIWYG component. Privileged users can inject malicious scripts that execute when other users view affect...

PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious JavaScript. This can lead to session ...