Filtered by vendor Popcorn Time Project
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37059 | 2 Getpopcorntime, Popcorn Time Project | 2 Popcorn Time, Popcorn Time | 2026-03-05 | 7.8 High |
| Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files (x86) or system root directories to be executed with SYSTEM-level permissions during service startup. | ||||
| CVE-2022-25229 | 1 Popcorn Time Project | 1 Popcorn Time | 2024-11-21 | 5.4 Medium |
| Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Server(s)' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands. | ||||
Page 1 of 1.