Uniguest Tripleplay

7 CVEs affecting Uniguest Tripleplay. Latest disclosed: 2025-03-04. Critical: 3, High: 2.

Top CVEs affecting Uniguest Tripleplay
CVESeverityScorePublishedSummary
CVE-2024-50707Critical10.02025-03-04Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-…
CVE-2024-50704Critical10.02025-03-04Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially craf…
CVE-2024-50706Critical9.82025-03-04Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend databa…
CVE-2023-25760High8.82023-04-19Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request…
CVE-2024-50705High7.12025-03-04Unauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary scripts vi…
CVE-2023-26599Medium6.12023-04-19XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated u…
CVE-2023-25759Medium5.42023-04-19OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS le…