Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rooms vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-32345
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=.
Hospital's Patient Records Management System Project Hospital's Patient Records Management System 1.0
7.5
CVSSv3
CVE-2020-10573
An issue exists in Janus up to and including 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge.
Meetecho Janus
3.1
CVSSv3
CVE-2021-39164
Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership (list of members, with their display names) of a room if they know the ID of the room. The vulnerability is limited to rooms w...
Matrix Synapse
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.3
CVSSv3
CVE-2016-2966
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
Ibm Sametime 9.0.1
NA
CVE-2008-7047
NatterChat 1.1 allows remote malicious users to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp.
Natterchat Natterchat 1.1
1 EDB exploit
NA
CVE-2004-1549
The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote malicious users to gain sensitive information by sniffing the network connection.
Onnuri Infotek Activepost Standard 3.1
NA
CVE-2009-4670
admin/delitem.php in RoomPHPlanning 1.6 does not require authentication, which allows remote malicious users to (1) delete arbitrary users via the user parameter or (2) delete arbitrary rooms via the room parameter.
Beaussier Roomphplanning 1.6
1 EDB exploit
NA
CVE-2013-3977
The Meeting Server in IBM Sametime 8.x up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 allows remote malicious users to determine which meeting rooms are owned by a user by leveraging knowledge of valid user names.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.0.1.1
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 8.5.0.0
Ibm Sametime 9.0.0.1
Ibm Sametime 8.0.1.0
Ibm Sametime 8.5.2.0
Ibm Sametime 8.0.2.0
Ibm Sametime 8.0.2.1
Ibm Sametime 8.0.0.0
7.5
CVSSv3
CVE-2018-10657
Matrix Synapse prior to 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018.
Matrix Synapse
9.8
CVSSv3
CVE-2018-18800
The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php.
Tubigan Welcome To Our Resort 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »