yetangitu/Oinktube
1
0
Fork 0
mirror of https://github.com/DanielnetoDotCom/YouPHPTube synced 2025-10-03 09:49:28 +02:00
Code Issues Releases Wiki Activity
18668 commits 27 branches 35 tags 638 MiB
Commit graph

561 commits

Author SHA1 Message Date
Daniel Neto
dad7169340 https://github.com/WWBN/AVideo/issues/8011 2023-05-15 09:34:07 -03:00
Daniel Neto
f9bb45f215 Update 2023-04-26 12:35:24 -03:00
Daniel Neto
04065e2d6c update 2023-04-24 15:06:57 -03:00
Daniel Neto
5ef6e84a8c update 2023-04-08 12:03:58 -03:00
Daniel Neto
f83cdc2989 update 2023-04-08 11:56:47 -03:00
Daniel Neto
8b7e6967fd update 2023-04-08 11:49:19 -03:00
Daniel Neto
6d97421440 update 2023-04-08 11:41:23 -03:00
Daniel Neto
1b9fa95c26 update 2023-04-08 11:26:29 -03:00
Daniel Neto
5cf8ada037 update 2023-04-08 11:18:00 -03:00
Daniel Neto
9dcf0278d3 update 2023-04-08 11:06:21 -03:00
Daniel Neto
b883cb05be update 2023-03-06 15:52:01 -03:00
Daniel Neto
e1bf080979 update socket 2023-03-06 15:36:54 -03:00
Daniel Neto
cea1a3ee95 autoplay update 2023-03-03 13:42:19 -03:00
Daniel Neto
60f735ba62 update 2023-03-03 13:31:32 -03:00
Daniel Neto
4cd726f580 Docker logs 2023-03-01 13:14:37 -03:00
Daniel Neto
9c94150b6b update 2023-02-27 15:41:07 -03:00
Daniel Neto
b1048c7827 update 2023-02-27 15:37:33 -03:00
Daniel Neto
d545f864ac fix 2023-02-27 15:26:43 -03:00
Daniel Neto
c6a075e56d update 2023-02-27 14:22:49 -03:00
DanieL
b732e43941 Update not found image 2023-02-10 21:57:58 -03:00
DanieL
649dd5e829 Update 2023-02-01 08:40:03 -03:00
DanieL
2b44dee815 Thanks Jefferson Gonzales 
this update prevents the XSS attack

Description:

While making an account in demo.avideo.com I found a parameter "?success=" which did not sanitize any symbol character properly which leads to XSS attack.

Impact:

Since there's an Admin account on demo.avideo.com attacker can use this attack to Takeover the admin's account

Step to Reproduce:

1. Click the link below

https://demo.avideo.com/user?success="><img src=x onerror=alert(document.cookie)>

2. Then XSS will be executed
 2023-01-31 11:59:34 -03:00
DanieL
f574e97d2a Add a new video status 
unlisted but searchable
 2023-01-26 14:15:36 -03:00
KrzysioMisio
25707b6888
Update script.js 
Polish characters
 2023-01-07 21:23:00 +01:00
DanieL
02fd89e23b New mobile app assets 2023-01-04 10:29:20 -03:00
DanieL
e170e053e1 Updates 2022-12-30 10:06:43 -03:00
DanieL
49d1a93ad0 Login updates 2022-12-29 10:57:01 -03:00
DanieL
b7b50379a1 Update 2022-12-22 13:24:08 -03:00
DanieL
6acaf505ba Update 2022-12-22 13:23:12 -03:00
DanieL
2a82d79cc8 Update 2022-12-22 13:22:02 -03:00
DanieL
005992cbc3 Update 2022-12-22 13:20:30 -03:00
DanieL
997524e59e Update 2022-12-22 13:15:03 -03:00
DanieL
c84c1afd5e update 2022-12-21 11:43:44 -03:00
DanieL
25b6a884b6 Update socket script 2022-12-13 11:39:52 -03:00
DanieL
c0550f17ee Updates 2022-11-29 18:44:04 -03:00
DanieL
ee76cffb9f Updates 2022-11-29 18:29:03 -03:00
DanieL
6627a124f1 Updates 2022-11-29 18:17:28 -03:00
DanieL
7fc281ca0a Updates 2022-11-29 18:13:31 -03:00
DanieL
ab2d4ab3ae Updates 2022-11-29 17:35:03 -03:00
DanieL
641e1e48e6 Updates 2022-11-29 17:32:26 -03:00
Daniel
ac6778d4b5 update 2022-11-24 18:34:47 -03:00
Daniel
3d9c7e50bf @ new functions 2022-11-24 18:27:30 -03:00
Daniel
cdd50346b3 Merge branch 'master' of https://github.com/WWBN/AVideo 2022-11-24 18:27:19 -03:00
Daniel
d6f2fcf5f7 Update logoff 2022-11-24 18:24:54 -03:00
DanieL
94a1231e70 new Function to get user JS 2022-11-23 12:09:24 -03:00
DanieL
52f9461f16 https://github.com/WWBN/AVideo/issues/7372 2022-11-15 09:37:39 -03:00
DanieL
849d717360 Update 2022-10-31 12:35:35 -03:00
DanieL
0c817d5d6e https://github.com/WWBN/AVideo/issues/7258 2022-10-14 11:06:47 -03:00
DanieL
f45c72f577 Use embed 2022-10-05 14:43:09 -03:00
DanieL
7dde741821 Use embed 2022-10-05 14:23:55 -03:00