File Upload Vulnerability in ClipBucket Video Hosting Application
CVE-2025-21624

Currently unrated

Key Information:

Vendor

ClipBucket

Status
ClipBucket V5
Vendor
CVE Published:
7 January 2025

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸฃ EPSS 23%

What is CVE-2025-21624?

In ClipBucket V5 prior to version 5.5.1 - 239, a significant file upload vulnerability exists within the Manage Playlist functionality. This flaw enables attackers to upload malicious PHP script files masquerading as image files during the upload of playlist cover images. The lack of robust validation checks permits both administrators and regular users to execute potentially harmful scripts on the server. Consequently, this vulnerability poses a serious risk to the security of services relying on ClipBucket for video hosting, making it essential to upgrade to the patched version to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/MacWarrior/clipbucket-v5/commit/893bfb...
https://github.com/MacWarrior/clipbucket-v5/security/advi...
https://github.com/MacWarrior/clipbucket-v5/security/advi...

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

JSON
.