17 matches found
EUVD-2024-31267
Malicious code in bioql PyPI...
CVE-2024-0236
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...
VulnCheck KEV: CVE-2024-38289
A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input...
CVE-2024-38289
A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input...
CVE-2024-38289
A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input...
PT-2024-27927 · R Hub · R-Hub Turbomeeting
Name of the Vulnerable Software and Affected Versions: R-HUB TurboMeeting versions through 8.x Description: A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint allows unauthenticated remote attackers to extract hashed passwords from the database and authenticate to th...
CVE-2024-33530
In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings that make use of a lobby leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby...
CVE-2024-33530
In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings that make use of a lobby leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby...
CVE-2024-33530
CVE-2024-33530 affects Jitsi Meet before version 9391. A logic flaw in password-protected meetings using a lobby can disclose the meeting password when a user is invited to a call after waiting in the lobby. Root cause: flawed handling of lobby/password flow. Impact: confidentiality impact high. ...
CVE-2024-0236
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...
Default credentials
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...
CVE-2024-0236 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...
WordPress plugin EventON security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Cisco Webex Training Unauthorized Meeting Join Vulnerability
A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...
Design/Logic Flaw
A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iO...
CVE-2020-3142 Cisco Webex Meetings Suite and Cisco Webex Meetings Online Unauthenticated Meeting Join Vulnerability
A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iO...
CVE-2014-4747
The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser...