Lucene search
+L

7 matches found

thn
thn
added 2023/07/20 3:56 p.m.40 views

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state,...

8.1CVSS8.4AI score0.0147EPSS
Exploits0
openvas
openvas
added 2023/05/15 12:0 a.m.15 views

Apache OpenMeetings 2.0.0 < 7.1.0 Multiple Vulnerabilities

Apache OpenMeetings is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:openmeetings";...

7.2CVSS7AI score0.0147EPSS
Exploits0References4
nvd
nvd
added 2023/05/12 8:15 a.m.31 views

CVE-2023-29246

An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0...

7.2CVSS7AI score0.0147EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/05/12 7:43 a.m.14 views

CVE-2023-29246 Apache OpenMeetings: allows null-byte Injection

An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0...

7AI score0.0147EPSS
Exploits0References1
cve
cve
added 2023/05/12 7:43 a.m.56 views

CVE-2023-29246

CVE-2023-29246 affects Apache OpenMeetings 2.0.0–7.1.0. A code execution vulnerability arises from improper input validation, enabling RCE via null-byte injection once an admin account is compromised. Several sources corroborate the affected product/version range and the RCE impact. Mitigation in...

7.2CVSS7.1AI score0.0147EPSS
Exploits0References1Affected Software1
osv
osv
added 2023/05/12 7:43 a.m.18 views

CVE-2023-29246 Apache OpenMeetings: allows null-byte Injection

An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0...

7.2CVSS6.1AI score0.0147EPSS
Exploits0References3
cvelist
cvelist
added 2023/05/12 7:43 a.m.33 views

CVE-2023-29246 Apache OpenMeetings: allows null-byte Injection

An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0...

7.1AI score0.0147EPSS
Exploits0References1
Rows per page
Query Builder