EUVD-2022-50734

Malicious code in bioql PyPI...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

PT-2025-26845 · Vinteo · Сервер Vinteo

Уязвимость сервера программного обеспечения для видеоконференций Vinteo существует из-за недостаточной фильтрации данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код...

PT-2024-3354 · Unknown · Vinteo Client

Name of the Vulnerable Software and Affected Versions: Vinteo Client affected versions not specified Description: The issue is related to the lack of protection for the web page structure in Vinteo Client, allowing a remote attacker to conduct a cross-site scripting XSS attack. Recommendations: A...

PT-2024-61: OS Command Injection in Vinteo Videoconferencing Server

The vulnerability was identified in Vinteo Videoconferencing Server, version 29.2.18. The discovered vulnerability can be exploited by an attacker to execute commands with superuser privileges. Vulnerability status: Confirmed by vendor Recommendations: Update to version v29.3.6 or higher...

PT-2024-62: SQL Injection in Vinteo Videoconferencing Server

The vulnerability was identified in Vinteo Videoconferencing Server, version 29.2.18. The discovered vulnerability can be exploited by an authorized attacker to execute arbitrary SQL queries, which can lead to the possibility of executing arbitrary commands with superuser rights. Vulnerability...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

Cross site scripting

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

CVE-2022-48020

CVE-2022-48020 affects Vinteo VCC v2.36.4. The vulnerability is a reflected cross-site scripting (XSS) flaw exposed via the conference parameter, allowing an attacker to inject code that runs in the victim’s browser. According to the sources, the attack is network-based with low attack complexity...

Vinteo VCC 跨站脚本漏洞

Vinteo VCC is a video conferencing application from Vinteo. A security vulnerability exists in Vinteo VCC version v2.36.4, which stems from the discovery of a cross-site scripting XSS vulnerability contained via the conference parameter. An attacker can exploit the vulnerability to inject arbitra...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

PT-2022-6243 · Vinteo · Vinteo Vcc

Name of the Vulnerable Software and Affected Versions: Vinteo VCC version 2.36.4 Description: The issue is related to the lack of protection for the web page structure, allowing a remote attacker to conduct a cross-site scripting XSS attack. This vulnerability enables attackers to inject arbitrar...