Filtered by vendor Roothub Project Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-33120 1 Roothub Project 1 Roothub 2024-11-21 9.8 Critical
Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file.
CVE-2022-27473 1 Roothub Project 1 Roothub 2024-11-21 9.8 Critical
SQL injection vulnerability in Topics Searching feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely.
CVE-2022-27472 1 Roothub Project 1 Roothub 2024-11-21 9.8 Critical
SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely.