Lucene search
K

155 matches found

CVE
CVE
added 2022/12/27 12:0 a.m.90 views

CVE-2022-46764

CVE-2022-46764 affects TrueConf Server 5.2.0.10225. The web API is vulnerable to SQL injection that allows remote unauthenticated execution of arbitrary SQL commands, leading to remote code execution. The issue is fixed in version 5.2.6. Connected sources confirm the affected product/version and ...

9.8CVSS7.7AI score0.02067EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/12/27 12:0 a.m.222 views

CVE-2022-46764

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

9.8CVSS10AI score0.02067EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.5 views

TrueConf Server SQL注入漏洞

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.2.0.10225, which stems from a web API that allows an unauthenticated, remote attacker to execute arbitrary SQL commands via SQL...

9.8CVSS9.3AI score0.02067EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/12/27 12:0 a.m.6 views

CVE-2022-46763

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

8.8CVSS8.7AI score0.01056EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/27 12:0 a.m.10 views

CVE-2022-46764

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

9.8CVSS7.7AI score0.02067EPSS
Exploits0References3
CVE
CVE
added 2022/12/27 12:0 a.m.87 views

CVE-2022-46763

The CVE-2022-46763 issue affects TrueConf Server 5.2.0.10225, where a SQL injection in a database stored function allows a low-privileged database user to execute arbitrary SQL as the database administrator, potentially enabling arbitrary code execution. The root cause is a vulnerability in the d...

8.8CVSS8.7AI score0.01056EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.5 views

TrueConf Server SQL注入漏洞

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.2.0.10225, which stems from a database stored feature that allows a low-privileged database user to execute arbitrary SQL comman...

8.8CVSS8.7AI score0.01056EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/12/27 12:0 a.m.19 views

CVE-2022-46763

A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

8.8CVSS9.4AI score0.01056EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.4 views

PT-2022-27977

Name of the Vulnerable Software and Affected Versions TrueConf Server version 5.2.0.10225 Description A SQL injection issue in a database stored function allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...

8.8CVSS8.5AI score0.01056EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.7 views

PT-2022-27978

Name of the Vulnerable Software and Affected Versions TrueConf Server version 5.2.0.10225 Description A SQL injection issue in the web API allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution. Recommendations For TrueConf Server...

9.8CVSS9.3AI score0.02067EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/11/18 12:0 a.m.3 views

PT-2022-6402 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to insufficient protection of service data in TrueConf Server. It can be exploited by a remote attacker using a specially crafted HTTPS request to gain...

5CVSS7.2AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/04 12:0 a.m.5 views

Vulnerability of the /admin/service/stop/ component of the TrueConf Server software, which allows a attacker to perform a CSRF attack

The vulnerability of the /admin/service/stop/ component of the TrueConf Server is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...

4CVSS7.4AI score0.00483EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/07/01 12:0 a.m.25 views

TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53540)

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that could be exploited by remote attackers to perform basic cross-site scripting Reflected attacks...

5.4CVSS3.6AI score0.00577EPSS
Exploits1References1
CNVD
CNVD
added 2022/07/01 12:0 a.m.27 views

TrueConf Server Cross-Site Request Forgery Vulnerability

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to cross-site request forgery, which can be exploited by remote attackers to perform cross-site request forgery attacks...

8.8CVSS5.1AI score0.00483EPSS
Exploits0References1
CNVD
CNVD
added 2022/07/01 12:0 a.m.29 views

TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53539)

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that can be exploited by remote attackers to perform basic cross-site scripting DOM attacks...

5.4CVSS3.5AI score0.00577EPSS
Exploits1References1
CNVD
CNVD
added 2022/07/01 12:0 a.m.30 views

TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53542)

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that originates from unknown code in the file /admin/conferences/get-all-status/, with the parameter...

5.4CVSS3.1AI score0.00577EPSS
Exploits1References1
CNVD
CNVD
added 2022/07/01 12:0 a.m.26 views

TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53538)

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that can be exploited by remote attackers to perform basic cross-site scripting DOM attacks...

5.4CVSS3.5AI score0.00577EPSS
Exploits1References1
CNVD
CNVD
added 2022/07/01 12:0 a.m.24 views

TrueConf Server Input Validation Error Vulnerability

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. TrueConf Server version 4.3.7 is vulnerable to an input validation error that could be exploited by remote attackers to perform open redirect attacks...

6.1CVSS5AI score0.00674EPSS
Exploits1References1
CNVD
CNVD
added 2022/07/01 12:0 a.m.26 views

TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53541)

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. TrueConf Server version 4.3.7 is vulnerable to a cross-site scripting vulnerability stemming from certain unknown processing of the file /admin/conferences/list/, where parameter ordering...

5.4CVSS1.4AI score0.00577EPSS
Exploits1References1
CNVD
CNVD
added 2022/07/01 12:0 a.m.29 views

TrueConf Server Cross-Site Scripting Vulnerability

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary HTML and script code in the user's browser...

5.4CVSS3.9AI score0.00577EPSS
Exploits1References1
Rows per page
Query Builder