Vulmon Recent Vulnerabilities Trends Blog About Contact

infinity vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv2
CVE-2009-3949
cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not require administrative authentication for the donewauthor action, which allows remote attackers to create administrative accounts via the name, password, and conf_password parameters....
Vivaprograms Infinity Script 2.0.0Vivaprograms Infinity Script
7.1
CVSSv2
CVE-2014-8779
Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys....
Pexip Pexip Infinity
7.8
CVSSv2
CVE-2018-10585
Pexip Infinity before 18 allows remote Denial of Service (XML parsing)....
Pexip Pexip Infinity
5
CVSSv2
CVE-2020-13387
Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323....
Pexip Pexip Infinity
7.5
CVSSv2
CVE-2017-6551
Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes....
Pexip Pexip Infinity
6.8
CVSSv2
CVE-2009-3211
Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI....
Dimofinf Infinity Script 2.0.5
6.8
CVSSv2
CVE-2018-5385
Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is...
Navarino Infinity
7.5
CVSSv2
CVE-2006-6269
Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in rating.asp, (2) the mealid parameter in meal_rest.asp, and (3) the resid parameter in res_details.asp....
Infinity Technologies Infinitytechs Restaurants Cm
5
CVSSv2
CVE-2020-12824
Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP....
Pexip Pexip Infinity
9
CVSSv2
CVE-2019-7177
Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin....
Pexip Pexip Infinity
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalationTCPCVE-2020-4865CVE-2021-3297CVE-2018-15473CVE-2021-3317CVE-2021-23240denial of serviceCVE-2020-16107