Filtered by vendor Hamastar
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-1331 | 1 Hamastar | 1 Meetinghub Paperless Meetings | 2026-02-17 | N/A | 9.8 CRITICAL |
| MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. | |||||
| CVE-2026-1330 | 1 Hamastar | 1 Meetinghub Paperless Meetings | 2026-02-17 | N/A | 7.5 HIGH |
| MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files. | |||||
| CVE-2026-1332 | 1 Hamastar | 1 Meetinghub Paperless Meetings | 2026-02-17 | N/A | 5.3 MEDIUM |
| MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific API functions and obtain meeting-related information. | |||||
| CVE-2024-6118 | 1 Hamastar | 1 Meetinghub Paperless Meetings | 2024-08-30 | N/A | 9.1 CRITICAL |
| A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file. | |||||
| CVE-2024-6117 | 1 Hamastar | 1 Meetinghub Paperless Meetings | 2024-08-30 | N/A | 8.8 HIGH |
| A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file. | |||||