Lucene search
K

109 matches found

NVD
NVD
added 2024/01/31 8:15 p.m.10 views

CVE-2024-1115

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...

9.8CVSS8.2AI score0.0187EPSS
Exploits0References3
OSV
OSV
added 2024/01/31 8:15 p.m.3 views

CVE-2024-1115

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...

9.8CVSS5.5AI score0.0187EPSS
Exploits0References3
OSV
OSV
added 2024/01/31 8:15 p.m.5 views

CVE-2024-1113

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The...

9.8CVSS5.4AI score0.00634EPSS
Exploits0References3
NVD
NVD
added 2024/01/31 8:15 p.m.23 views

CVE-2024-1114

A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. T...

9.8CVSS7.3AI score0.00856EPSS
Exploits0References3
NVD
NVD
added 2024/01/31 8:15 p.m.21 views

CVE-2024-1113

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The...

9.8CVSS7.2AI score0.00634EPSS
Exploits0References3
Prion
Prion
added 2024/01/31 8:15 p.m.21 views

Improper access control

A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. T...

6.4CVSS7.2AI score0.00856EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2024/01/31 8:15 p.m.23 views

Command injection

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...

7.5CVSS7.8AI score0.0187EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2024/01/31 8:15 p.m.25 views

Design/Logic Flaw

A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is the function index of the file /application/plugins/controller/Upload.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed t...

7.5CVSS7.2AI score0.00769EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2024/01/31 8:15 p.m.23 views

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The...

6.5CVSS7.2AI score0.00634EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/31 8:0 p.m.26 views

CVE-2024-1116 openBI Upload.php index unrestricted upload

A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is the function index of the file /application/plugins/controller/Upload.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed t...

7.5CVSS6.9AI score0.00769EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/31 8:0 p.m.29 views

CVE-2024-1116 openBI Upload.php index unrestricted upload

A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is the function index of the file /application/plugins/controller/Upload.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed t...

7.5CVSS9.8AI score0.00769EPSS
Exploits0References3
CVE
CVE
added 2024/01/31 8:0 p.m.56 views

CVE-2024-1116

The CVE-2024-1116 case affects openBI versions up to 1.0.8. The vulnerability is in the index function of /application/plugins/controller/Upload.php , enabling an unrestricted file upload and enabling remote exploitation. Multiple sources confirm the issue and public disclosure of the exploit. Th...

9.8CVSS9.5AI score0.00769EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/31 8:0 p.m.8 views

CVE-2024-1115 openBI Setting.php dlfile os command injection

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...

7.5CVSS7.9AI score0.0187EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/31 8:0 p.m.16 views

CVE-2024-1115 openBI Setting.php dlfile os command injection

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...

7.5CVSS10AI score0.0187EPSS
Exploits0References3
CVE
CVE
added 2024/01/31 8:0 p.m.90 views

CVE-2024-1115

CVE-2024-1115 affects openBI up to version 1.0.8. The vulnerability is in the function dlfile of /application/websocket/controller/Setting.php; manipulating the argument phpPath can lead to an OS command injection. The issue appears to be remotely exploitable and, per the source documents, the ex...

9.8CVSS9.8AI score0.0187EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/31 7:31 p.m.23 views

CVE-2024-1114 openBI Screen.php dlfile access control

A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. T...

6.5CVSS9.6AI score0.00856EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/31 7:31 p.m.27 views

CVE-2024-1114 openBI Screen.php dlfile access control

A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. T...

6.5CVSS9.8AI score0.00856EPSS
Exploits0References3
CVE
CVE
added 2024/01/31 7:31 p.m.54 views

CVE-2024-1114

OpenBI up to 1.0.8 has a vulnerability in the dlfile function within /application/index/controller/Screen.php. The issue stems from manipulating the fileUrl argument, causing improper access controls that can be triggered remotely. Public exploit information exists. Several connected sources corr...

9.8CVSS9.4AI score0.00856EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/01/31 7:31 p.m.26 views

CVE-2024-1113 openBI Unity.php uploadUnity unrestricted upload

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The...

6.5CVSS9.7AI score0.00634EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/31 7:31 p.m.13 views

CVE-2024-1113 openBI Unity.php uploadUnity unrestricted upload

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The...

6.5CVSS6.9AI score0.00634EPSS
Exploits0References3
Rows per page
Query Builder