PT-2019-13846 · Fv Flowplayer · Fv Flowplayer Video Player

M0Ze

+1

·

Published

2019-08-09

·

Updated

2019-08-14

·

CVE-2019-14801

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions FV Flowplayer Video Player plugin versions prior to 7.3.15.727
Description The issue allows for SQL injection in the email subscription functionality.
Recommendations For versions prior to 7.3.15.727, update to version 7.3.15.727 or later to resolve the issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2019-14801

Affected Products

Fv Flowplayer Video Player