5 matches found
CVE-2024-1115
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...
Command injection
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...
openBI 操作系统命令注入漏洞
openBI is a big data visualization solution from openBI Inc. An OS command injection vulnerability exists in openBI prior to version 1.0.8, which stems from a problem with the dlfile function of the /application/websocket/controller/Setting.php file, which could lead to OS command injection...
PT-2024-16784 · Openbi · Openbi
Name of the Vulnerable Software and Affected Versions: openBI versions up to 1.0.8 Description: A critical issue has been found, affecting the dlfile function of the file /application/index/controller/Screen.php. The manipulation of the fileUrl argument leads to improper access controls. The atta...
PT-2024-16789 · Openbi · Openbi
Name of the Vulnerable Software and Affected Versions: openBI versions up to 1.0.8 Description: A critical issue affects the dlfile function of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiat...