2 matches found
PT-2024-61: OS Command Injection in Vinteo Videoconferencing Server
The vulnerability was identified in Vinteo Videoconferencing Server, version 29.2.18. The discovered vulnerability can be exploited by an attacker to execute commands with superuser privileges. Vulnerability status: Confirmed by vendor Recommendations: Update to version v29.3.6 or higher...
PT-2024-62: SQL Injection in Vinteo Videoconferencing Server
The vulnerability was identified in Vinteo Videoconferencing Server, version 29.2.18. The discovered vulnerability can be exploited by an authorized attacker to execute arbitrary SQL queries, which can lead to the possibility of executing arbitrary commands with superuser rights. Vulnerability...