Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4530 | 1 Teamspeak | 1 Web Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attackers to inject arbitrary web script or HTML via (1) the error_text parameter to error_box.html or (2) the ok_title parameter to ok_box.html. | |||||
| CVE-2007-4529 | 1 Teamspeak | 1 Web Server | 2024-11-21 | 8.5 HIGH | N/A |
| The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1) AdminAddServer, (2) AdminDeleteServer, (3) AdminStartServer, and (4) AdminStopServer privileges; and administration of arbitrary virtual servers via a request to a .tscmd URI with a modified serverid parameter, as demonstrated by (a) add_server.tscmd, (b) ask_delete_server.tscmd, (c) start_server.tscmd, and (d) stop_server.tscmd. | |||||
| CVE-2007-3956 | 2 Microsoft, Teamspeak | 2 All Windows, Web Server | 2024-11-21 | 7.8 HIGH | N/A |
| TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534. | |||||