Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-31267

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00655EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:33 a.m.10 views

CVE-2024-0236

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...

5.3CVSS7.2AI score0.00453EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2024/09/14 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-38289

A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input...

9.8CVSS5.9AI score0.40874EPSS
Exploits1References1
OSV
OSV
added 2024/07/25 8:15 p.m.3 views

CVE-2024-38289

A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input...

9.8CVSS5.9AI score0.40874EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/07/25 12:0 a.m.23 views

CVE-2024-38289

A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input...

8.1AI score0.40874EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/25 12:0 a.m.5 views

PT-2024-27927 · R Hub · R-Hub Turbomeeting

Name of the Vulnerable Software and Affected Versions: R-HUB TurboMeeting versions through 8.x Description: A boolean-based SQL injection issue in the Virtual Meeting Password VMP endpoint allows unauthenticated remote attackers to extract hashed passwords from the database and authenticate to th...

9.8CVSS8.2AI score0.40874EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/05/02 12:0 a.m.19 views

CVE-2024-33530

In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings that make use of a lobby leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby...

6.9AI score0.00655EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/02 12:0 a.m.23 views

CVE-2024-33530

In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings that make use of a lobby leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby...

6.7AI score0.00655EPSS
Exploits0References1
CVE
CVE
added 2024/05/02 12:0 a.m.70 views

CVE-2024-33530

CVE-2024-33530 affects Jitsi Meet before version 9391. A logic flaw in password-protected meetings using a lobby can disclose the meeting password when a user is invited to a call after waiting in the lobby. Root cause: flawed handling of lobby/password flow. Impact: confidentiality impact high. ...

7.5CVSS6.8AI score0.00655EPSS
Exploits0References1
NVD
NVD
added 2024/01/16 4:15 p.m.23 views

CVE-2024-0236

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...

5.3CVSS5.5AI score0.00453EPSS
Exploits1References1
Prion
Prion
added 2024/01/16 4:15 p.m.20 views

Default credentials

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...

5CVSS7.4AI score0.00453EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/01/16 3:57 p.m.23 views

CVE-2024-0236 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...

5.8AI score0.00453EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.4 views

WordPress plugin EventON security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.3CVSS6.8AI score0.00453EPSS
Exploits1References2
Cisco
Cisco
added 2020/09/02 4:0 p.m.27 views

Cisco Webex Training Unauthorized Meeting Join Vulnerability

A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...

5.3CVSS5.2AI score0.01079EPSS
Exploits0References1
Prion
Prion
added 2020/01/26 5:15 a.m.18 views

Design/Logic Flaw

A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iO...

5CVSS7.2AI score0.0149EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/01/26 4:55 a.m.10 views

CVE-2020-3142 Cisco Webex Meetings Suite and Cisco Webex Meetings Online Unauthenticated Meeting Join Vulnerability

A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iO...

7.5CVSS6.5AI score0.0149EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/07/26 3:0 p.m.36 views

CVE-2014-4747

The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser...

6.3AI score0.0056EPSS
Exploits1References3
Rows per page
Query Builder