155 matches found
CVE-2022-46764
CVE-2022-46764 affects TrueConf Server 5.2.0.10225. The web API is vulnerable to SQL injection that allows remote unauthenticated execution of arbitrary SQL commands, leading to remote code execution. The issue is fixed in version 5.2.6. Connected sources confirm the affected product/version and ...
CVE-2022-46764
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...
TrueConf Server SQL注入漏洞
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.2.0.10225, which stems from a web API that allows an unauthenticated, remote attacker to execute arbitrary SQL commands via SQL...
CVE-2022-46763
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
CVE-2022-46764
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...
CVE-2022-46763
The CVE-2022-46763 issue affects TrueConf Server 5.2.0.10225, where a SQL injection in a database stored function allows a low-privileged database user to execute arbitrary SQL as the database administrator, potentially enabling arbitrary code execution. The root cause is a vulnerability in the d...
TrueConf Server SQL注入漏洞
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.2.0.10225, which stems from a database stored feature that allows a low-privileged database user to execute arbitrary SQL comman...
CVE-2022-46763
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
PT-2022-27977
Name of the Vulnerable Software and Affected Versions TrueConf Server version 5.2.0.10225 Description A SQL injection issue in a database stored function allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
PT-2022-27978
Name of the Vulnerable Software and Affected Versions TrueConf Server version 5.2.0.10225 Description A SQL injection issue in the web API allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution. Recommendations For TrueConf Server...
PT-2022-6402 · Trueconf · Trueconf Server
Name of the Vulnerable Software and Affected Versions: TrueConf Server affected versions not specified Description: The issue is related to insufficient protection of service data in TrueConf Server. It can be exploited by a remote attacker using a specially crafted HTTPS request to gain...
Vulnerability of the /admin/service/stop/ component of the TrueConf Server software, which allows a attacker to perform a CSRF attack
The vulnerability of the /admin/service/stop/ component of the TrueConf Server is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53540)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that could be exploited by remote attackers to perform basic cross-site scripting Reflected attacks...
TrueConf Server Cross-Site Request Forgery Vulnerability
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to cross-site request forgery, which can be exploited by remote attackers to perform cross-site request forgery attacks...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53539)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that can be exploited by remote attackers to perform basic cross-site scripting DOM attacks...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53542)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that originates from unknown code in the file /admin/conferences/get-all-status/, with the parameter...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53538)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that can be exploited by remote attackers to perform basic cross-site scripting DOM attacks...
TrueConf Server Input Validation Error Vulnerability
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. TrueConf Server version 4.3.7 is vulnerable to an input validation error that could be exploited by remote attackers to perform open redirect attacks...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53541)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. TrueConf Server version 4.3.7 is vulnerable to a cross-site scripting vulnerability stemming from certain unknown processing of the file /admin/conferences/list/, where parameter ordering...
TrueConf Server Cross-Site Scripting Vulnerability
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary HTML and script code in the user's browser...