From ehackingnews.com
![](https://1.bp.blogspot.com/-__9hCVaXf9U/YBT7THPo_8I/AAAAAAAAAbc/Rd76MMnakmIEMT4vLWKwMo9YPSWxz57bwCLcBGAsYHQ/s600/code-1689066_1920.jpg)
Various vulnerabilities in open source video platforms YouPHPTube and AVideo could be utilized to accomplish remote code execution (RCE) on a client’s gadget. It can take an average of more than four years for vulnerabilities in open-source software to be detected, an area in the security community that needs to be addressed, researchers say. Experts from Synacktiv found various vulnerabilities in the source code-shared by the ventures that were because of an absence of client input sanitization, a related write-up reads. The issues incorporate an unauthenticated SQL injection vulnerability, multiple cross-site scripting (XSS) flaws, and a file write vulnerability.