CVE-2026-33352 | WWBN AVideo up to 25.x Request Parameter objects/category.php getAllCategories sql injection (GHSA-mcj5-6qr4-95fj)

A vulnerability was found in WWBN AVideo up to 25.x. It has been rated as critical. The impacted element is the function getAllCategories of the file objects/category.php of the component Request Parameter Handler. This manipulation causes sql injection.

This vulnerability appears as CVE-2026-33352. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More