38 matches found
EUVD-2011-4723
Malware in sbrugna...
EUVD-2018-14313
Malware in sbrugna...
CVE-2021-33696
SAP BusinessObjects Business Intelligence Platform Crystal Report, versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vulnerability, leading to non-permanently deface or modify displayed content from a Web site...
CVE-2021-33696
CVE-2021-33696 affects SAP BusinessObjects Business Intelligence Platform (Crystal Report) with vulnerable versions 420 and 430. The root cause is insufficient encoding of user-controlled inputs, enabling an XSS vulnerability that can cause non-permanent defacement or modification of displayed co...
Server side request forgery (ssrf)
SAP BusinessObjects BI Platform Crystal Report, versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to internal file...
CVE-2020-26831
SAP BusinessObjects BI Platform (Crystal Report) versions 4.1–4.3 contain an XML validation flaw in crystal report generation, allowing an attacker with basic privileges to inject arbitrary XML entities and cause internal file disclosure, internal directory disclosure, SSRF, and DoS. The root cau...
CVE-2020-26831
SAP BusinessObjects BI Platform Crystal Report, versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to internal file...
The vulnerability of the Crystal Report component in the SAP Business One resource management system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Crystal Report component in the SAP Business One resource management system is related to access control errors. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information from a remote location...
CVE-2018-2458
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted...
CVE-2018-2458
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted...
Authentication flaw
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted...
CVE-2018-2458
CVE-2018-2458 affects SAP Business One, Crystal Reports integration (versions 9.2 and 9.3). The issue is an information disclosure due to a flaw in the connection type that allows an attacker to access data that should be restricted. NVD lists CVSSv3 base score 7.5 (HIGH) and CVSSv2 base score 5....
CVE-2018-2458
Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted...
Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service Vulnerability
No description provided by source. html Crystal Reporting Viewer v8.0.0.371 Author: Matthew Bergin Website: www.berginpentesting.com Website: www.smashthestack.org object classid='clsid:C4847596-972C-11D0-9567-00A0C9273C2A' id='target' /object script language='vbscript' targetFile =...
sap crystal report server 2008 - Directory Traversal
No description provided by source...
CVE-2011-4805
Cross-site scripting XSS vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter...
CVE-2011-4805
SAP Crystal Reports Server 2008 is affected by a Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp, allowing remote attackers to inject arbitrary web script or HTML via the service parameter. The issue is described for SAP Crystal Reports Server 2008; no further technical details (affect...
CVE-2011-4805
Cross-site scripting XSS vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter...
SAP Crystal Report Server crossite scripting
Crossite scripting in pubDBLogon/...