155 matches found
CVE-2017-20117
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...
CVE-2017-20114
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys leads to basic cross site scripting Reflected. The attack can be initiated remotely...
CVE-2017-20113
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...
CVE-2017-20119
A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirecturl leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclos...
The vulnerability of the TrueConf Server software, related to insufficient protection of operational data, allows attackers to obtain information about system users.
The vulnerability of the TrueConf Server software is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to obtain information about system users by sending a specially crafted API request...
The vulnerability of the TrueConf Server software, related to insufficient protection of operational data, allows attackers to gather information about system users.
The vulnerability of the TrueConf Server software is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor to gather information about system users through API methods...
PT-2024-7369 · Trueconf · Trueconf Server
Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to insufficient protection of service data in TrueConf Server. An attacker can exploit this by sending a specially crafted API request to obtain user informatio...
PT-2024-5774 · Trueconf · Trueconf Server
Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to insufficient protection of service data in TrueConf Server, which can be exploited by a remote attacker to gather user system information through API methods...
The vulnerability of the TrueConf Server software, related to deficiencies in access control, allows a perpetrator to increase their privileges and cause service failures.
The vulnerability of the TrueConf Server software is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and cause service interruptions...
PT-2023-3387 · Trueconf · Trueconf Server
Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to inadequate access control in the software. It can be exploited by a remote attacker to elevate privileges and cause a denial of service. Recommendations: At...
The vulnerability of the TrueConf Server software, related to uncontrolled resource consumption, allows a intruder to cause a service failure.
The vulnerability of the TrueConf Server software is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions through a specially crafted HTTPS request...
The vulnerability of the TrueConf Server software, related to insufficient protection of operational data, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the TrueConf Server software is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially crafted HTTPS request...
CVE-2022-46764
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...
CVE-2022-46764
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...
CVE-2022-46764
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...
CVE-2022-46763
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
CVE-2022-46763
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
CVE-2022-46763
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
Sql injection
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...
Sql injection
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...