CVE-2026-45418 – ClipBucket: Blind SQL Injection in subtitle_edit.php

CVE ID :CVE-2026-45418

Published : June 11, 2026, 10:48 p.m. | 32 minutes ago

Description :ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 – #132, any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish…). The POST /actions/subtitle_edit.php request used to change their title includes a number parameter which is vulnerable to SQL Injection. A boolean-based blind SQL injection can be used to exfiltrate sensitive data. This issue has been patched in version 5.5.3 – #132.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-47238 – ClipBucket: IDOR in videos subtitle editor

CVE-2026-45060 – ClipBucket: Blind SQL Injection in progress_video.php

CVE-2026-42846 – ClipBucket: Remote Play URL Command Injection

CVE-2026-6250 – Authenticated Format String Injection on TP-Link Tapo C110