Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

16 matches found

RedhatCVE
RedhatCVEadded 2025/10/16 1:41 a.m.2 views

CVE-2023-7305

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...

9.2CVSS7.9AI score0.00376EPSS
Exploits0References1
NVD
NVDadded 2025/10/15 2:15 a.m.2 views

CVE-2023-7305

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...

9.2CVSS0.00376EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/10/15 1:24 a.m.1 views

CVE-2023-7305 SmartBI RMIServlet Unrestricted File Upload RCE

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...

9.2CVSS7.5AI score0.00376EPSS
Exploits0References4
CVE
CVEadded 2025/10/15 1:24 a.m.7 views

CVE-2023-7305

CVE-2023-7305 affects SmartBI V8, V9 and V10. The vulnerability is an unrestricted file upload via the RMIServlet request handling logic, enabling attackers to trigger sensitive operations or arbitrary code execution on the host under certain configurations. The vendor released a fix in July 2023...

9.2CVSS7.5AI score0.00376EPSS
In wildExploits0References4
Cvelist
Cvelistadded 2025/10/15 1:24 a.m.5 views

CVE-2023-7305 SmartBI RMIServlet Unrestricted File Upload RCE

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...

9.2CVSS0.00376EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/10/15 12:0 a.m.1 views

SmartBI 安全漏洞

SmartBI is a business intelligence software from China-based SmartBI. A security vulnerability exists in SmartBI versions V8, V9, and V10 that stems from an unrestricted file upload in the RMIServlet request processing logic, which could lead to the execution of arbitrary code...

9.2CVSS7AI score0.00376EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2025/10/15 12:0 a.m.2 views

PT-2025-42219

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...

9.2CVSS7.9AI score0.00376EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEVadded 2025/10/14 12:0 a.m.0 views

VulnCheck KEV: CVE-2023-7305

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...

9.2CVSS6.2AI score0.00376EPSS
In wildExploits0References126
CNVD
CNVDadded 2023/08/25 12:0 a.m.98 views

Smartbi windowUnloading Authentication Bypass Vulnerability

Smartbi is a one-stop big data analytics platform. An authentication bypass vulnerability exists in Smartbi windowUnloading, which can be exploited by an attacker to obtain system user credentials and execute remote code...

7.2AI score
Exploits0References1
CNVD
CNVDadded 2023/08/02 12:0 a.m.3 views

Smartbi setEngineAddress Privilege Bypass Vulnerability

Smartbi is a one-stop big data analytics platform. Smartbi setEngineAddress there is a privilege bypass vulnerability, the vulnerability is due to the setEngineAddress interface is not authorized, unauthorized remote attacker can use the vulnerability to obtain the administrator Token, so as to...

8.1AI score
Exploits0
CNVD
CNVDadded 2023/07/12 12:0 a.m.11 views

Smartbi Logic Vulnerability

Smartbi is a one-stop big data analytics platform. Smartbi suffers from a logic vulnerability that can be exploited by an attacker to gain server privileges...

7AI score
Exploits0References1
CNVD
CNVDadded 2021/03/05 12:0 a.m.3 views

XXE Vulnerability in Smartbi

Smartbi offers a full suite of data analysis software that meets the needs of the user. A XXE vulnerability exists in Smartbi, which can be exploited by an attacker to read arbitrary files to obtain sensitive information...

6.8AI score
Exploits0
CNVD
CNVDadded 2021/03/04 12:0 a.m.1 views

XML External Entity Injection Vulnerability in Smartbi of Guangzhou Sematic Software Co.

Smartbi is a business intelligence BI software. Smartbi by Guangzhou Sematic Software Co. Ltd. suffers from an XML external entity injection vulnerability that can be exploited by an attacker to gain control of the server...

7.7AI score
Exploits0
CNVD
CNVDadded 2021/02/02 12:0 a.m.3 views

Smartbi's Big Data Analytics-BI Technology Platform Has Information Leakage Vulnerabilities

Ltd. is committed to providing one-stop business intelligence solutions for enterprise customers. There is an information leakage vulnerability in Smartbi Big Data Analytics-BI technology platform. An attacker can exploit the vulnerability to obtain sensitive information...

6.6AI score
Exploits0
CNVD
CNVDadded 2021/01/31 12:0 a.m.6 views

Smartbi Big Data Analytics Platform of Guangzhou Sematic Software Company Limited Has Logic Flaw Vulnerability

Guangzhou Sematic Software Co., Ltd. is a company dedicated to providing one-stop business intelligence solutions for enterprise customers. A logic flaw vulnerability exists in the Smartbi Big Data Analytics Platform of Guangzhou Sematic Software Limited, which can be exploited by attackers to...

7AI score
Exploits0
CNVD
CNVDadded 2020/03/20 12:0 a.m.1 views

Smartbi has a flawed logic vulnerability

Smartbi is the business intelligence BI and data analytics brand of Guangzhou Sematic Software Co. Smartbi has a logic flaw vulnerability that can be exploited by an attacker to view and modify sensitive system configuration information...

6.8AI score
Exploits0
Rows per page
Query Builder