Lucene search
K

50 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.24 views

F5 Networks BIG-IP : F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability (K000137334)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137334 advisory. - Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application...

7.5CVSS7.4AI score0.00515EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.29 views

CVE-2022-45437 Stored cross-site scripting vulnerability in the reporting dashboard module

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting XSS. A user with edition privileges can create a Payload in the reporting dashboard module. An admin user can observe the Payload...

6.5CVSS6.3AI score0.00425EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/23 12:0 a.m.4 views

ZOHO ManageEngine ServiceDesk Plus 安全漏洞

ZOHO ManageEngine ServiceDesk Plus SDP is the United States ZhuoHao ZOHO company's set of ITIL-based architecture of IT service management software. The software integrates Incident Management, Problem Management, Asset Management, IT Project Management, Procurement and Contract Management, and...

6.5CVSS6.5AI score0.0296EPSS
Exploits0References3
NCSC
NCSC
added 2022/11/02 12:0 a.m.4 views

Vulnerability fixed in FortiManager and FortiAnalyzer

FortiNet has fixed a vulnerability in FortiManager and FortiAnalyzer. A malicious person with low privileges can exploit the exploit the vulnerability to perform a cross-site scripting attack via the reporting module. Such an attack can lead to the execution of arbitrary code in the context of th...

8CVSS7.3AI score0.00684EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/03/23 10:15 p.m.2 views

CVE-2022-27192

The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files...

7.5CVSS5.9AI score0.01102EPSS
Exploits0References3
OSV
OSV
added 2022/03/23 10:15 p.m.4 views

CVE-2022-27192

The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files...

7.5CVSS5.8AI score0.01102EPSS
Exploits0References2
Prion
Prion
added 2022/03/23 10:15 p.m.14 views

Design/Logic Flaw

The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files...

5CVSS7.6AI score0.01102EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/23 12:0 a.m.6 views

PT-2022-18279 · Dvs · Dvs Avilys

Name of the Vulnerable Software and Affected Versions: DVS Avilys versions prior to 3.5.58 Description: The issue affects the Reporting module in the DVS Avilys document management system, allowing unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading...

7.5CVSS7.5AI score0.01102EPSS
Exploits0References6
CNVD
CNVD
added 2022/01/14 12:0 a.m.14 views

ZOHO ManageEngine Desktop Centra Remote Code Execution Vulnerability

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO, Inc. The solution includes software distribution, patch management, system configuration, remote control, and other functional modules to support the entire lifecycle of desktop and server management. properly...

8.8CVSS2.9AI score0.07136EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.6 views

ZOHO ManageEngine Desktop Central 安全漏洞

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO, Inc. The solution includes software distribution, patch management, system configuration, remote control, and other functional modules to support the entire lifecycle of desktop and server management. properly...

8.8CVSS5.8AI score0.07136EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/21 12:0 a.m.5 views

Dalmark Systems Systeam SQL注入漏洞

Dalmark Systems Systeam is an Erp system from Dalmark Systems in Brazil. Dalmark Systems Systeam has a security vulnerability that stems from the fact that the Systeam application is an ERP system that uses a hybrid architecture based on SaaS tenant and user management, as well as an on-premise...

8.8CVSS8.1AI score0.0104EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/09/05 9:0 p.m.17 views

CVE-2018-16145

The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of...

8.5AI score0.02308EPSS
Exploits3References4
Prion
Prion
added 2017/04/21 12:59 a.m.18 views

Cross site request forgery (csrf)

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp...

6.8CVSS8.7AI score0.0111EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/04/21 12:59 a.m.18 views

CVE-2017-7990

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp...

8.8CVSS8.8AI score0.0111EPSS
Exploits1References2
OSV
OSV
added 2017/04/21 12:59 a.m.10 views

CVE-2017-7990

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp...

8.8CVSS7AI score
Exploits0References2
Cvelist
Cvelist
added 2017/04/21 12:0 a.m.25 views

CVE-2017-7990

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp...

8.8AI score0.0111EPSS
Exploits1References2
CVE
CVE
added 2017/04/21 12:0 a.m.48 views

CVE-2017-7990

The CVE-2017-7990 entry involves the OpenMRS Reporting Module 1.12.0, where a CSRF vulnerability can be abused to perform cross-site scripting. An attacker could hijack an administrative session to inject JavaScript into the name field in webapp/reports/manageReports.jsp, yielding XSS. The affect...

8.8CVSS8.7AI score0.0111EPSS
Exploits1References2Affected Software1
Dsquare
Dsquare
added 2016/02/01 12:0 a.m.93 views

OpenMRS Reporting Module 0.9.7 RCE

Remote command execution vulnerability in OpenMRS Reporting Module Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

1.3AI score
Exploits0
Exploit DB
Exploit DB
added 2016/01/07 12:0 a.m.88 views

OpenMRS Reporting Module 0.9.7 - Remote Code Execution

Title: Unauthenticated remote code execution in OpenMRS Product: OpenMRS Vendor: OpenMRS Inc. Tested versions: See summary Status: Fixed by vendor Reported by: Brian D. Hysell Product description: OpenMRS is "the world's leading open source enterprise electronic medical record system platform."...

9.8CVSS9.7AI score0.84362EPSS
Exploits5
NVD
NVD
added 2013/03/29 4:9 p.m.13 views

CVE-2013-1083

Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager aka IDM Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and attack vectors...

10CVSS6.5AI score0.01403EPSS
Exploits0References2
Rows per page
Query Builder