Trueconf: >> Server >> 5.2.0.10225 Security Vulnerabilities
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution.
CVSS Score
9.8
EPSS Score
0.279
Published
2022-12-27
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code.
CVSS Score
8.8
EPSS Score
0.014
Published
2022-12-27