CVE-2017-15956

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
29/10/2017
Last modified:
20/04/2025

Description

ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File Download via the token parameter to download.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:converto_video_downloader_\&_converter_project:converto_video_downloader_\&_converter:1.4.1:*:*:*:*:*:*:*