Lucene search
K

155 matches found

CVE
CVE
added 2025/12/30 12:0 a.m.18 views

CVE-2025-66834

TrueConf Server is affected by a CSV Formula Injection in version 5.5.2.10813. A normal user can inject malicious spreadsheet formulas into exported chat logs by crafting the Display Name, indicating a CSV macro/formula injection vulnerability. Impact per sources is high confidentiality and integ...

7.3CVSS6.6AI score0.00261EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.7 views

TrueConf Server 安全漏洞

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf server version 5.5.2.10813, which stems from the presence of HTML injection in the meeting description field, which could lead to the injection o...

5.4CVSS5.9AI score0.00159EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/30 12:0 a.m.4 views

CVE-2025-66824

A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...

4.9AI score0.00261EPSS
Exploits1References2
CVE
CVE
added 2025/12/30 12:0 a.m.19 views

CVE-2025-66824

TrueConf Server v5.5.2.10813 is affected by a Stored XSS in the Meeting location field (Create/Edit Conference) where input in the meeting_room parameter is stored and executed on the Conference Info page, enabling full Account Takeover (ATO). Root cause: improper sanitization of user-supplied in...

8.7CVSS4.9AI score0.00261EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/12/30 12:0 a.m.13 views

CVE-2025-66823

CVE-2025-66823 describes an HTML injection vulnerability in TrueConf Server 5.5.2.10813 in the conference description field. The issue allows an attacker to inject arbitrary HTML in Create/Edit conference functionality, with execution when the victim views the Conference Info page. Affected compo...

5.4CVSS6.7AI score0.00159EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-11126

Malware in sbrugna...

6.1CVSS6.2AI score0.00674EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-11124

Malware in sbrugna...

5.4CVSS5.4AI score0.00577EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11127

Malware in sbrugna...

8.8CVSS8.7AI score0.00483EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-11125

Malware in sbrugna...

5.4CVSS5.5AI score0.00577EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2017-11121

Malware in sbrugna...

5.4CVSS5.4AI score0.00577EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-11123

Malware in sbrugna...

5.4CVSS5.4AI score0.00577EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-11122

Malware in sbrugna...

5.4CVSS5.4AI score0.00577EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11120

Malware in sbrugna...

5.4CVSS5.4AI score0.00577EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-49546

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01056EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.10 views

CVE-2022-46763

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

8.8CVSS8.7AI score0.01056EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.11 views

CVE-2022-46764

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

9.8CVSS7.7AI score0.02067EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:47 a.m.9 views

CVE-2017-20120

A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...

8.8CVSS6.9AI score0.00483EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:7 a.m.9 views

CVE-2017-20116

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...

5.4CVSS6.1AI score0.00577EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:7 a.m.9 views

CVE-2017-20115

A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort leads to basic cross site scripting Reflected. The attack may be initiated remotely. The exploit...

5.4CVSS6.1AI score0.00577EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:7 a.m.8 views

CVE-2017-20118

A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be launched remotely. Th...

5.4CVSS6.1AI score0.00577EPSS
Exploits1References1
Rows per page
Query Builder