Lucene search
K

155 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:7 a.m.8 views

CVE-2017-20117

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...

5.4CVSS6.1AI score0.00577EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:7 a.m.8 views

CVE-2017-20114

A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys leads to basic cross site scripting Reflected. The attack can be initiated remotely...

5.4CVSS6.2AI score0.00577EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:7 a.m.9 views

CVE-2017-20113

A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

5.4CVSS6.1AI score0.00577EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:41 a.m.11 views

CVE-2017-20119

A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirecturl leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclos...

6.1CVSS6.8AI score0.00674EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.4 views

The vulnerability of the TrueConf Server software, related to insufficient protection of operational data, allows attackers to obtain information about system users.

The vulnerability of the TrueConf Server software is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to obtain information about system users by sending a specially crafted API request...

7.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/26 12:0 a.m.6 views

The vulnerability of the TrueConf Server software, related to insufficient protection of operational data, allows attackers to gather information about system users.

The vulnerability of the TrueConf Server software is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor to gather information about system users through API methods...

5.3CVSS5.5AI score
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.4 views

PT-2024-7369 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to insufficient protection of service data in TrueConf Server. An attacker can exploit this by sending a specially crafted API request to obtain user informatio...

7.8CVSS6.7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.7 views

PT-2024-5774 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to insufficient protection of service data in TrueConf Server, which can be exploited by a remote attacker to gather user system information through API methods...

5CVSS7AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/07/04 12:0 a.m.5 views

The vulnerability of the TrueConf Server software, related to deficiencies in access control, allows a perpetrator to increase their privileges and cause service failures.

The vulnerability of the TrueConf Server software is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and cause service interruptions...

6.5CVSS5.5AI score
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/30 12:0 a.m.1 views

PT-2023-3387 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to inadequate access control in the software. It can be exploited by a remote attacker to elevate privileges and cause a denial of service. Recommendations: At...

6.4CVSS7.1AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/11 12:0 a.m.4 views

The vulnerability of the TrueConf Server software, related to uncontrolled resource consumption, allows a intruder to cause a service failure.

The vulnerability of the TrueConf Server software is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions through a specially crafted HTTPS request...

5.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/11 12:0 a.m.4 views

The vulnerability of the TrueConf Server software, related to insufficient protection of operational data, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the TrueConf Server software is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially crafted HTTPS request...

5.3CVSS5.5AI score
Exploits0Affected Software1
NVD
NVD
added 2022/12/27 1:15 a.m.19 views

CVE-2022-46764

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

9.8CVSS0.02067EPSS
Exploits0References3
OSV
OSV
added 2022/12/27 1:15 a.m.5 views

CVE-2022-46764

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

9.8CVSS7.8AI score0.02067EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/12/27 1:15 a.m.3 views

CVE-2022-46764

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

9.8CVSS7.7AI score0.02067EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/12/27 1:15 a.m.14 views

CVE-2022-46763

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

8.8CVSS0.01056EPSS
Exploits0References3
OSV
OSV
added 2022/12/27 1:15 a.m.3 views

CVE-2022-46763

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

8.8CVSS6.5AI score0.01056EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/12/27 1:15 a.m.2 views

CVE-2022-46763

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

8.8CVSS8.7AI score0.01056EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2022/12/27 1:15 a.m.31 views

Sql injection

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

7.5CVSS10AI score0.02067EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/12/27 1:15 a.m.15 views

Sql injection

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

6.5CVSS9.1AI score0.01056EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder