Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 60+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
Fix for Unauthenticated Access in PHP Scripts via forbidIfIfUntrustedRequest
github.com · 2026-04-22
WWBN/AVideo
Read more
High
AVideo Admin Endpoints CSRF Vulnerabilities Leading to Privilege Escalation
github.com · 2026-04-22
AVideo <= 29.0
Read more
High
PHP CMS Comment Deletion Unauthenticated Access Vulnerability and Fix
github.com · 2026-04-22
WWBN/AVideo
Read more
Medium
AVideo CVE-2024-40928 CSRF Vulnerability Analysis and POC
CVE-2024-40928 · github.com · 2026-04-22
AVideo <= 29.0
Read more
High
WWBN/Avideo commentDelete.json.php CSRF Vulnerability
github.com · 2026-04-22
WWBN/Avideo <= 29.0
Read more
High
Unauthorized Access Fix: Category Delete/Comment APIs via forbidIfUntrustedRequest
github.com · 2026-04-22
WWBN/AVideo
Read more
Medium
WWBN/AVideo Captcha Bypass Vulnerability Analysis
github.com · 2026-04-22
wwbn/avideo <= 29.0
Read more
High
Fix for Captcha Logic Flaw Allowing Admin Bypass
github.com · 2026-04-22
WWBN/AVideo
Read more
High
CSRF in wwbn/avideo configurationUpdate.json.php Enables Full Site Takeover and Persistent XSS
GHSA-8x5w-5j9j-7h5x · github.com · 2026-04-22
wwbn/avideo <= 29.0
Read more
Premium intel
High
YPTSocket Plugin Code Injection Vulnerability Fix Analysis
github.com · 2026-04-22
AVideo (via YPTSocket plugin)
Read more
Premium intel
Critical
wwbn/avideo YPTSocket Unauthenticated Cross-User JavaScript Execution via WebSocket Relay
github.com · 2026-04-22
WWBN/AVideo <= 29.0
Read more
Medium
WWBN AVideo IDOR in Live Restreams Exposes RTMP Keys and OAuth Tokens
github.com · 2026-04-22
wwbn/avideo <= 29.0
Read more
Medium
IDOR Vulnerability Fix in Live_restreams Module
github.com · 2026-04-22
WWBN/AVideo Live_restreams module
Read more
Medium
WWBN AVideo Unauthenticated Information Disclosure via git.json.php (CVE-2026-40908)
CVE-2026-40908 · github.com · 2026-04-22
WWBN/AVideo <= 29.0
Read more
Premium intel
High
wwbn/avideo Path Traversal to Arbitrary PHP File Write and RCE
github.com · 2026-04-22
wwbn/avideo <= 29.0
Read more
Medium
AVideo EPG XSS Vulnerability: POC, Impact, and Patch Details
GHSA-wwbn-avideo-xss · github.com · 2026-04-08
wwbn/avideo <= 26.0
Read more
Medium
wwbn/avideo PayPal IPN Replay Attack Allows Wallet Balance Inflation
github.com · 2026-04-08
wwbn/avideo <= 26.0
Read more
High
CVE-2025-35369 Path Traversal Vulnerability and PoC
CVE-2025-35369 · github.com · 2026-04-08
WWBN/AVideo <= 26.0
Read more
Medium
PayPal IPN Replay Attack Vulnerability Fix and Deduplication Mechanism Analysis
github.com · 2026-04-08
WWBN/AVideo (plugin/PayPalIPN/ipn.php)
Read more
High
WWBN/AVideo Stored SSRF in Live Restream Log Callback
github.com · 2026-04-08
WWBN/AVideo <=26.0
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.