Every CVE whose affected-product data names Cobub Razor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-28421 — CVSS 9.8 (critical): SQL Injection vulnerability in Razor 0.8.0 allows a remote attacker to escalate privileges via the ChannelModel::updateapk method of the…
CVE-2019-10276 — CVSS 9.8 (critical): Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file…
CVE-2018-7720 — CVSS 8.8 (high): A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting…
CVE-2018-7746 — CVSS 8.8 (high): An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/manage/channel/modifychannel…
CVE-2018-8056 — CVSS 7.5 (high): Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channel_name parameter to /index.php?/manage/channel/addchan…
CVE-2018-7745 — CVSS 7.5 (high): An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuseri…
CVE-2022-36747 — CVSS 6.1 (medium): Razor v0.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the function uploadchannel().
CVE-2018-8770 — CVSS 5.3 (medium): Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest…