CVE-2014-3962

Name of the Vulnerable Software and Affected Versions Videos Tube version 1.0

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the url parameter to specific API endpoints, such as "videocat.php" or "single.php".

Recommendations For version 1.0, consider restricting access to the videocat.php and single.php endpoints until a patch is available. As a temporary workaround, avoid using the url parameter in these endpoints to minimize the risk of exploitation.