24 matches found
CVE-2026-22800
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
CVE-2026-22800
PILOS (Platform for Interactive Live-Online Seminars) before version 4.10.0 contains a CSRF vulnerability in an administrative GET endpoint that terminates all active video conferences on a single BigBlueButton server. Although authorization checks exist, the use of GET allows implicit invocation...
CVE-2026-22800 PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
CVE-2026-22800 PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
PILOS 跨站请求伪造漏洞
PILOS is an open source front-end software from THM. A cross-site request forgery vulnerability exists in PILOS versions prior to 4.10.0, which stems from a cross-site request forgery in the management API endpoint that could result in termination of all active video conferences...
CVE-2025-23969
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
EUVD-2025-17155
Malicious code in bioql PyPI...
EUVD-2025-17154
Malicious code in bioql PyPI...
CVE-2025-23971
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23971
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23969
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23969 WordPress KI Live Video Conferences plugin <= 5.5.15 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23969
CVE-2025-23969 is reported for KI Live Video Conferences (via RH: CVE-2025-23969) and concerns Exposure of Sensitive System Information to an Unauthorized Actor . The Red Hat entry mirrors the description: it affects KI Live Video Conferences (version range: n/a up to 5.5.15) and enables retrieva...
CVE-2025-23971 WordPress KI Live Video Conferences plugin <= 5.5.15 - Broken Access Control Vulnerability
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23971 WordPress KI Live Video Conferences plugin <= 5.5.15 - Broken Access Control Vulnerability
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23971
CVE-2025-23971 : Missing Authorization in KI Live Video Conferences enables access-control misconfigurations for versions
WordPress plugin KI Live Video Conferences 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exis...
WordPress plugin KI Live Video Conferences 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exis...
PT-2025-24111 · Unknown · Whassan Ki Live Video Conferences
Name of the Vulnerable Software and Affected Versions: whassan KI Live Video Conferences versions 5.5.15 and earlier Description: The issue is related to a Missing Authorization vulnerability that allows exploiting incorrectly configured access control security levels. This can be exploited in...
The vulnerability of the video file exchange function in Jitsi Meet software, which allows attackers to upload arbitrary video files.
The vulnerability of the video file exchange function in Jitsi Meet software for conducting video conferences is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to upload arbitrary video files remotely...