{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32321", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-11T21:16:21.661Z", "datePublished": "2026-03-18T20:37:51.891Z", "dateUpdated": "2026-03-19T17:47:53.606Z"}, "containers": {"cna": {"title": "ClipBucket v5 has time-based Blind SQL Injection in ajax.php that leads to Data Exfiltration", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-2757-6cp4-v7xx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-2757-6cp4-v7xx"}, {"name": "https://github.com/MacWarrior/clipbucket-v5/commit/726d68b0c9d4c702dce2691c2759b6bf84a1691f", "tags": ["x_refsource_MISC"], "url": "https://github.com/MacWarrior/clipbucket-v5/commit/726d68b0c9d4c702dce2691c2759b6bf84a1691f"}], "affected": [{"vendor": "MacWarrior", "product": "clipbucket-v5", "versions": [{"version": "< 5.5.3 - #80", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-18T20:37:51.891Z"}, "descriptions": [{"lang": "en", "value": "ClipBucket v5 is an open source video sharing platform. An authenticated time-based blind SQL injection vulnerability exists in ClipBucket prior to 5.5.3 #80 within the `actions/ajax.php` endpoint. Due to insufficient input sanitization of the `userid` parameter, an authenticated attacker can execute arbitrary SQL queries, leading to full database disclosure and potential administrative account takeover. Version 5.5.3 #80 fixes the issue."}], "source": {"advisory": "GHSA-2757-6cp4-v7xx", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-19T17:40:18.987832Z", "id": "CVE-2026-32321", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T17:47:53.606Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32321", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-19T17:40:18.987832Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T17:44:39.953Z"}}], "cna": {"title": "ClipBucket v5 has time-based Blind SQL Injection in ajax.php that leads to Data Exfiltration", "source": {"advisory": "GHSA-2757-6cp4-v7xx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "MacWarrior", "product": "clipbucket-v5", "versions": [{"status": "affected", "version": "< 5.5.3 - #80"}]}], "references": [{"url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-2757-6cp4-v7xx", "name": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-2757-6cp4-v7xx", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/MacWarrior/clipbucket-v5/commit/726d68b0c9d4c702dce2691c2759b6bf84a1691f", "name": "https://github.com/MacWarrior/clipbucket-v5/commit/726d68b0c9d4c702dce2691c2759b6bf84a1691f", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "ClipBucket v5 is an open source video sharing platform. An authenticated time-based blind SQL injection vulnerability exists in ClipBucket prior to 5.5.3 #80 within the `actions/ajax.php` endpoint. Due to insufficient input sanitization of the `userid` parameter, an authenticated attacker can execute arbitrary SQL queries, leading to full database disclosure and potential administrative account takeover. Version 5.5.3 #80 fixes the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-18T20:37:51.891Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32321", "state": "PUBLISHED", "dateUpdated": "2026-03-19T17:47:53.606Z", "dateReserved": "2026-03-11T21:16:21.661Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-18T20:37:51.891Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oxygenz:clipbucket:*:*:*:*:*:*:*:*", "matchCriteriaId": "10D268B2-9D54-483D-892F-3D331F1E1C27", "versionEndExcluding": "5.5.3-80", "versionStartIncluding": "5.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ClipBucket v5 is an open source video sharing platform. An authenticated time-based blind SQL injection vulnerability exists in ClipBucket prior to 5.5.3 #80 within the `actions/ajax.php` endpoint. Due to insufficient input sanitization of the `userid` parameter, an authenticated attacker can execute arbitrary SQL queries, leading to full database disclosure and potential administrative account takeover. Version 5.5.3 #80 fixes the issue."}], "id": "CVE-2026-32321", "lastModified": "2026-03-19T18:47:02.070", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-18T21:16:26.410", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/MacWarrior/clipbucket-v5/commit/726d68b0c9d4c702dce2691c2759b6bf84a1691f"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-2757-6cp4-v7xx"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.5.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "clipbucket-v5", "source": "cna", "vendor": "MacWarrior"}, "product": "clipbucket-v5", "vendor": "macwarrior"}], "analysis": {"en": {"generated_at": "2026-03-19T20:51:00.932679+00:00", "value": {"mitigation_remediation": ["Upgrade ClipBucket to version 5.5.3 or later to fix the injection vulnerability.", "Verify the installed version after upgrading.", "If upgrade is not immediately possible, restrict access to actions/ajax.php to trusted administrative users only and validate or sanitize the userid parameter on the server side.", "Monitor web server logs for unusual query patterns or injection attempts and alert on suspicious activity.", "Perform a security audit of other input points to ensure no similar injection vulnerabilities remain."], "summary": {"action": "Apply Patch", "impact": "Data Exfiltration"}, "threat_synthesis": {"affected_systems": "The vulnerable product is ClipBucket version 5 from MacWarrior, as referenced by the vendor name and the CPE string cpe:2.3:a:oxygenz:clipbucket. The flaw exists in all releases before 5.5.3 #80. Version 5.5.3 #80 and later contain the fix.", "description_and_impact": "ClipBucket v5 contains a time\u2011based blind SQL injection flaw in the actions/ajax.php endpoint. The issue stems from insufficient input sanitization of the userid parameter, allowing an authenticated attacker to craft payloads that cause delayed responses and reveal database contents. This weakness is classified as CWE\u201189. The impact of exploitation is full database disclosure and potential administrative account takeover, as the attacker can execute arbitrary SQL queries against the backend database.", "risk_and_exploitability": "The CVSS score is 8.8, placing the vulnerability in the high severity range. The EPSS score is less than 1%, indicating a low current probability of exploitation, and the vulnerability is not listed in CISA\u2019s KEV catalog. Attack requires authentication, meaning the threat is limited to users who can log in. An attacker can exploit the flaw by sending time\u2011based SQL payloads that induce measurable delays, allowing the attacker to recover data byte by byte. Automated tools that support blind SQL injection could be used if the attacker has the necessary access privileges."}}}}, "created": "2026-03-19T08:55:32.500469+00:00", "updated": "2026-03-25T11:52:15.075918+00:00", "vendors": ["macwarrior", "macwarrior$PRODUCT$clipbucket-v5"]}