EUVD-2022-50734

Malicious code in bioql PyPI...

The vulnerability of the Vinteo video conference software server lies in its insufficient data filtering, which allows attackers to execute arbitrary code.

The vulnerability of the Vinteo video conference software server exists due to insufficient data filtering. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Vinteo video conference software server lies in the lack of protective measures for website structures. This allows attackers to carry out XSS attacks and execute arbitrary requests.

The vulnerability of the Vinteo video conference software server lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely and execute arbitrary requests...

The vulnerability of the Vinteo video conference software’s interface component arises from insufficient validation of input data, allowing a hacker to execute arbitrary code in the administrator panel.

The vulnerability of the Vinteo video conference software’s interface component exists due to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the administrator panel...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

PT-2025-26845 · Vinteo · Сервер Vinteo

Уязвимость сервера программного обеспечения для видеоконференций Vinteo существует из-за недостаточной фильтрации данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код...

The vulnerability of the Vinteo video conference software server, related to the failure to take measures to neutralize special elements, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Vinteo video conference software server relates to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

The vulnerability of the Vinteo video conference software server lies in the lack of protective measures for SQL query structures, allowing attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Vinteo video conference software server relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code using a specially crafted SQL query...

The software for Vinteo Client is vulnerable, allowing attackers to carry out XSS attacks.

The vulnerability of the Vinteo Client video conferencing software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

PT-2024-3354 · Unknown · Vinteo Client

Name of the Vulnerable Software and Affected Versions: Vinteo Client affected versions not specified Description: The issue is related to the lack of protection for the web page structure in Vinteo Client, allowing a remote attacker to conduct a cross-site scripting XSS attack. Recommendations: A...

PT-2024-62: SQL Injection in Vinteo Videoconferencing Server

The vulnerability was identified in Vinteo Videoconferencing Server, version 29.2.18. The discovered vulnerability can be exploited by an authorized attacker to execute arbitrary SQL queries, which can lead to the possibility of executing arbitrary commands with superuser rights. Vulnerability...

PT-2024-61: OS Command Injection in Vinteo Videoconferencing Server

The vulnerability was identified in Vinteo Videoconferencing Server, version 29.2.18. The discovered vulnerability can be exploited by an attacker to execute commands with superuser privileges. Vulnerability status: Confirmed by vendor Recommendations: Update to version v29.3.6 or higher...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

Cross site scripting

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

Vinteo VCC 跨站脚本漏洞

Vinteo VCC is a video conferencing application from Vinteo. A security vulnerability exists in Vinteo VCC version v2.36.4, which stems from the discovery of a cross-site scripting XSS vulnerability contained via the conference parameter. An attacker can exploit the vulnerability to inject arbitra...

CVE-2022-48020

CVE-2022-48020 affects Vinteo VCC v2.36.4. The vulnerability is a reflected cross-site scripting (XSS) flaw exposed via the conference parameter, allowing an attacker to inject code that runs in the victim’s browser. According to the sources, the attack is network-based with low attack complexity...

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

The vulnerability of the Vinteo Video Core software lies in the lack of protective measures for website structures, allowing attackers to carry out XSS attacks.

The vulnerability of the Vinteo Video Core software-related video conferencing system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...