CVE-2026-33723 | WWBN AVideo up to 26.0 Database Table objects/subscribe.php Subscribe::save user_id sql injection

A vulnerability was found in WWBN AVideo up to 26.0. It has been declared as critical. The impacted element is the function Subscribe::save of the file objects/subscribe.php of the component Database Table Handler. Such manipulation of the argument user_id leads to sql injection.

This vulnerability is listed as CVE-2026-33723. The attack may be performed from remote. There is no available exploit.

Applying a patch is advised to resolve this issue.VulDB Recent EntriesRead More