A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input.
CVSS
No CVSS.
References
Configurations
No configuration.
History
No history.
Information
Published : 2024-07-25 20:15
Updated : 2024-07-26 12:38
NVD link : CVE-2024-38289
Mitre link : CVE-2024-38289
CVE.ORG link : CVE-2024-38289
JSON object : View
Products Affected
No product.
CWE
No CWE.