Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rooms vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2022-32346
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=.
Hospital's Patient Records Management System Project Hospital's Patient Records Management System 1.0
445
VMScore
CVE-2020-10573
An issue exists in Janus up to and including 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge.
Meetecho Janus
312
VMScore
CVE-2021-39164
Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership (list of members, with their display names) of a room if they know the ID of the room. The vulnerability is limited to rooms w...
Matrix Synapse
Fedoraproject Fedora 34
Fedoraproject Fedora 35
356
VMScore
CVE-2016-2966
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
Ibm Sametime 9.0.1
755
VMScore
CVE-2008-7047
NatterChat 1.1 allows remote malicious users to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp.
Natterchat Natterchat 1.1
1 EDB exploit
445
VMScore
CVE-2004-1549
The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote malicious users to gain sensitive information by sniffing the network connection.
Onnuri Infotek Activepost Standard 3.1
755
VMScore
CVE-2009-4670
admin/delitem.php in RoomPHPlanning 1.6 does not require authentication, which allows remote malicious users to (1) delete arbitrary users via the user parameter or (2) delete arbitrary rooms via the room parameter.
Beaussier Roomphplanning 1.6
1 EDB exploit
470
VMScore
CVE-2013-3977
The Meeting Server in IBM Sametime 8.x up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 allows remote malicious users to determine which meeting rooms are owned by a user by leveraging knowledge of valid user names.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.0.1.1
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 8.5.0.0
Ibm Sametime 9.0.0.1
Ibm Sametime 8.0.1.0
Ibm Sametime 8.5.2.0
Ibm Sametime 8.0.2.0
Ibm Sametime 8.0.2.1
Ibm Sametime 8.0.0.0
445
VMScore
CVE-2018-10657
Matrix Synapse prior to 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018.
Matrix Synapse
755
VMScore
CVE-2018-18800
The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php.
Tubigan Welcome To Our Resort 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »