Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
13075.5%CRITICAL

Related CVEs

3
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-38289A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input.CRITICAL9.898.5%Jul 25, 2024
CVE-2024-38288A command-injection issue in the Certificate Signing Request (CSR) functionality in R-HUB TurboMeeting through 8.x allows authenticated attackers with administrator privileges to execute arbitrary commands on the underlying server as root.HIGH7.286.6%Jul 25, 2024
CVE-2024-38287The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's password to a random insecure 8-digit value.CRITICAL9.841.5%Jul 25, 2024