65 matches found
The vulnerability of the IVA MCU video conference server software, related to the possibility of loading dangerous files, allows attackers to execute XSS attacks.
The vulnerability of the IVA MCU video conference server software relates to the possibility of loading files of a malicious nature. Exploiting this vulnerability allows a remote attacker to carry out an XSS-type attack...
WordPress Webinar and Video Conference with Jitsi Meet Plugin <= 1.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software Webinar and Video Conference with Jitsi Meet Type Plugin Vulnerable versions = 1.2.5 Fixed in 2.0.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d77b318b12e...
CVE-2022-20783
A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient inp...
Cisco Webex Network Webex Player 缓冲区错误漏洞
Cisco Webex Network Webex Player is a player for playing video conference recordings from Cisco. A buffer error vulnerability exists in Cisco Webex Player that can be exploited by an attacker to cause the affected software to terminate or obtain memory state information related to the attacked...
Cisco Webex Network Webex Player 缓冲区错误漏洞
Cisco Webex Network Webex Player is a player for playing video conference recordings from Cisco. A buffer error vulnerability exists in Cisco Webex Player, which can be exploited by an attacker to execute arbitrary code on an affected system...
Weak password vulnerability in video conference management system of Zhejiang Dahua Technology Co.
Video Conference Management System is a video cloud conferencing service software developed specifically for small and medium-sized businesses. The video conference management system of Zhejiang Dahua Technology Co. Ltd. is logically vulnerable to weak password vulnerability. Attackers use the we...
Arbitrary file download vulnerability exists in the server management background of GoodView Video Conference Enterprise Edition (CNVD-2021-29146)
Shenzhen Yinpeng Cloud Computing Co., Ltd. is a domestic cloud computing products and services provider. Arbitrary file download vulnerability exists in the server management background of GoodView Video Conference Enterprise Edition, which can be exploited by attackers to obtain sensitive...
Catalog Traversal Vulnerability in HIM Basic Management Platform of Beijing Zhongchuang Vision Technology Co.
Ltd. is a high-tech company specializing in the research and development of video conference system hardware and software. There is a directory traversal vulnerability in the HIM base management platform of Beijing CCTV Technology Co., Ltd. that can be exploited by an attacker to traverse any...
SQL Injection Vulnerability in Video Conference Management System of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is a video-centered intelligent IOT solution provider and operation service provider. A SQL injection vulnerability exists in the video conference management system of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...
Command Execution Vulnerability in UCM Collaborative Communication Platform of Beijing Zhongchuang Vision Technology Co.
UCM Collaborative Communication Platform is a SIP communication control hardware device, which can realize traditional video conference system terminal registration, multi-party conference MCU, device management, firewall traversal and so on. There is a command execution vulnerability in the UCM...
Determining What Video Conference Participants Are Typing from Watching Shoulder Movements
Accuracy isnt great, but that it can be done at all is impressive. Murtuza Jadiwala, a computer science professor heading the research project, said his team was able to identify the contents of texts by examining body movement of the participants. Specifically, they focused on the movement of...
Haozitong Video Conferencing Enterprise Edition Server Administration Background Exists Arbitrary File Download Vulnerability
Shenzhen Yinpeng Cloud Computing Co., Ltd. is a cloud computing product and service provider. Arbitrary file download vulnerability exists in the server management background of GoodView Video Conference Enterprise Edition, which can be exploited by attackers to obtain sensitive information...
Huawei VP9630, VP9650 and VP9660 Use of Insufficient Random Values Vulnerability
Huawei VP9630 is a multimedia switching device mainly used for video conferencing from Huawei, China. A security vulnerability exists in the Huawei VP9630, VP9650, and VP9660. A remote attacker could exploit the vulnerability to obtain information...
AVCON6 Systems Management Platform Detection
Detection of AVCON6 Systems Management Platform. The script sends a connection request to the server and attempts to detect AVCON6 Systems Management Platform. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
UDP based applications may get affected when traffic processing is disabled on the SDWAN
On the video conference tool based of IPSEC UDP, Master node isn't able to see the remote nodes sitting behind the SDWAN-WanOP. This tool uses dynamic IPSEC tunnels over the WAN and passes through our WanOP...
SQL Injection Vulnerability in Gobetter Video Conference System of Beijing Gobetter Technology Co.
Gobalt network video conferencing system supports thousands of people to participate in the meeting at the same time, supporting work meetings, remote training, product sales, online seminars, consulting services and other application scenarios. The product has a SQL injection vulnerability, the...
Gobetter network video conference systems /web/department/deptsave.php files like SQL injection vulnerabilities
No description provided by source...
Gobetter network video conference systems /web/conferences/maillogin_sub.php file confid parameter SQL injection vulnerability
No description provided by source...
V2视频会议系统命令执行漏洞
No description provided by source...
Techbridge 视频会议系统 index.php 参数offsetminus SQL注入漏洞
exp: http://xxx/common/webmeeting/index.php?offsetminus=SELECT 6872 FROMSELECT COUNT,CONCAT0x7e7e7e,database,0x7e7e7e,FLOORRAND02x FROM INFORMATIONSCHEMA.CHARACTERSETS GROUP BY xa&day=26&min=10&year=2014...