6 matches found
CVE-2022-32958
CVE-2022-32958 affects Teamplus Pro's chat functionality. A remote attacker with general user privileges can send a message to a Teamplus Pro chat group that exceeds the message size limit, with the result being termination of other recipients’ chat processes. The available connected sources desc...
CVE-2022-35220
CVE-2022-35220 affects Teamplus Pro, specifically the Community Discussion feature. A remote attacker with general user privileges can post a thread with large content, triggering an allocation of resources without limits or throttling and causing memory exhaustion on the receiving client, potent...
CVE-2024-9921
The CVE-2024-9921 entry corresponds to an SQL injection in Team+ from TEAMPLUS TECHNOLOGY caused by improper validation of a specific page parameter. Affected software/function: Team+ (TEAMPLUS TECHNOLOGY). Root cause: failure to validate the page parameter allows unauthenticated remote attackers...
CVE-2022-35221
CVE-2022-35221 affects Teamplus Pro’s Community Discussion feature. A remote attacker with general user privileges can post an oversized thread subject, triggering unbounded memory allocation due to a lack of limits/throttling. This may cause the server to allocate excessive memory, resulting in ...
CVE-2024-9923
The CVE-2024-9923 vulnerability affects Team+ by TEAMPLUS TECHNOLOGY (Team+ 13.5.x) and stems from improper validation of a specific page parameter, enabling a remote attacker with administrator privileges to move arbitrary system files to the website root and access them. This is a path-traversa...
CVE-2024-9922
CVE-2024-9922 affects TeamPlus Team+ (TEAMPLUS TECHNOLOGY). The vulnerability arises from improper validation of a specific page parameter, enabling unauthenticated remote attackers to read arbitrary system files via path traversal. Documents consistently describe this as an arbitrary file read i...