The vulnerability of the Crestron Automate VX video conference management system, related to the transmission of accounting data in unencrypted form, allows a intruder to disclose the transmitted accounting data and gain unauthorized access to the system.

The vulnerability of the Crestron Automate VX video conference system lies in the transmission of account information in an unencrypted form. Exploiting this vulnerability could allow a malicious actor to disclose the transmitted account information and gain unauthorized access to the system...

PKP Web Application Library Cross-Site Scripting Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site scripting vulnerability exists in versions prior to PKP Web Application Library 3.3.0-1...

PKP Web Application Library Cross-Site Scripting Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site scripting vulnerability exists in the PKP Web Application Library prior to version...

PKP Web Application Library Cross-Site Request Forgery Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site request forgery vulnerability exists in versions prior to PKP Web Application Library...

PKP Web Application Library Cross-Site Scripting Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site scripting vulnerability exists in versions prior to PKP Web Application Library 3.3.0-1...

PKP Web Application Library Cross-Site Scripting Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site scripting vulnerability exists in versions prior to PKP Web Application Library 3.3.0-1...

PKP Web Application Library Cross-Site Request Forgery Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site request forgery vulnerability exists in versions prior to PKP Web Application Library...

PKP Web Application Library Code Issue Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A code issue vulnerability exists in the PKP Web Application Library prior to version 3.3.0-16, whic...

PKP Web Application Library Cross-Site Scripting Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site scripting vulnerability exists in versions prior to PKP Web Application Library 3.3.0-1...

PKP Web Application Library Cross-Site Request Forgery Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A cross-site request forgery vulnerability exists in the PKP Web Application Library prior to versio...

CVE-2021-21741

There is a command execution vulnerability in a ZTE conference management system. As some services are enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending specific serialization command...

PT-2021-14752 · Zte · Zte Conference Management System

Name of the Vulnerable Software and Affected Versions: ZTE conference management system affected versions not specified Description: The issue concerns a command execution vulnerability. It allows an attacker to execute arbitrary commands by sending specific serialization commands, taking advanta...

Catalog Traversal Vulnerability in HIM Basic Management Platform of Beijing Zhongchuang Vision Technology Co.

Ltd. is a high-tech company specializing in the research and development of video conference system hardware and software. There is a directory traversal vulnerability in the HIM base management platform of Beijing CCTV Technology Co., Ltd. that can be exploited by an attacker to traverse any...

SQL Injection Vulnerability in Hotel Conference Information Distribution System of Ammed Century (Beijing) Technology Co.

Ammed Century Beijing Technology Co., Ltd. is a digital service solution provider and digital content operation service provider for star-rated hotels. A SQL injection vulnerability exists in the Hotel Conference Information Distribution System of Ammed Century Beijing Technology Co., Ltd, which...

Arbitrary File Download Vulnerability in StarNet Ruijie Multimedia Conference System BMS

Fujian StarNet Ruijie Communication Co., Ltd. is an ICT application solution provider. An arbitrary file download vulnerability exists in the StarNet Ruijie Multimedia Conference System BMS. An attacker can exploit the vulnerability to download other files, such as a configuration file containing...

SQL Injection Vulnerability in Se***.aspx Page of Qixing Conference Booking System

Qixing Meeting Booking System is a meeting booking system that prevents meeting conflicts and allows you to view the utilization rate of each meeting room in order to optimize the configuration of the meeting room. A SQL injection vulnerability exists in the Se.aspx page of the Qixing Meeting...

ShoreTel Connect ONSITE - Blind SQL Injection

Exploit Title: ShoreTel Connect ONSITE Blind SQL Injection Vulnerability Date: 19-09-2016 Software Link: https://www.shoretel.com/resource-center/shoretel-connect-onsite-overview Exploit Author: Iraklis Mathiopoulos Contact: https://twitter.com/imath Website: https://medium.com/@iraklis Category:...

SQL injection vulnerability in LiveX video conferencing system/default.asp parameter of Shanghai Caiman Software Technology Co.

LiveX video conferencing system of Shanghai ColorManager Software Technology Co., Ltd. is a mobile HD video conferencing system solution. There is a SQL injection vulnerability in the parameter /default.asp of LiveX Video Conference System of Shanghai Color League Software Technology Co., Ltd,...

SQL Injection Vulnerability in Online Conference System of Beijing Gobit Technology Co.

Online meeting system Beijing Gobitech Technology Co. A SQL injection vulnerability exists in the Online Conference System of Beijing Gobitech Technology Co. The parameter deptid is injected, which can be used by an attacker to launch an attack and obtain sensitive information from the database...

Unified conference system universal password vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: the Unified conference systemthe Unified Council Systemsthere is a serious administrator authentication bypass vulnerability, if not fix the vulnerability, an attacker using a simple or=or you can break through the background verification of the limit, the consequences...