Meetinghub Paperless Meetings
CVE-2026-1330
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
AnalysisAI
MeetingHub Paperless Meetings contains an arbitrary file read vulnerability that enables unauthenticated remote attackers to download sensitive system files through path traversal exploitation. The vulnerability affects all installations without authentication requirements, allowing attackers to access confidential data with high confidentiality impact. No patch is currently available for this issue.
Technical ContextAI
Affects Meetinghub Paperless Meetings. MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
RemediationAI
Monitor vendor advisories for a patch. Validate and sanitize file path inputs. Use allowlists. Restrict network access to the affected service where possible.
HAMASTAR MeetingHub has an arbitrary file upload vulnerability allowing unauthenticated remote attackers to upload web s
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 all
A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Pa
Meetinghub Paperless Meetings is affected by missing authentication for critical function (CVSS 5.3).
Same weakness CWE-36 – Absolute Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today