12 matches found
CVE-2024-24396
Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component...
GHSA-GFQF-9W98-7JMX Stimulsoft Dashboard.JS directory traversal vulnerability
Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...
CVE-2024-24398
Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...
CVE-2024-24398
Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...
CVE-2024-24398
Stimulsoft Dashboard.JS contains a Directory Traversal vulnerability in the Save function’s fileName parameter, enabling remote arbitrary code execution. Affected versions include before 2024.1.2 (and variants noted in multiple advisories, e.g., before 2024.1.2/1.2 and before 2024.1.3 in separate...
CVE-2024-24396
Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component...
CVE-2024-24397
Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field...
PT-2024-20382 · Stimulsoft · Stimulsoft Dashboard.Js
Name of the Vulnerable Software and Affected Versions: Stimulsoft Dashboard.JS versions prior to 2024.1.2 Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field. This enables the attacker to perform Cross Site Scripting attacks...
Stimulsoft GmbH Stimulsoft Dashboard.JS security vulnerability
Stimulsoft GmbH Stimulsoft Dashboard.JS is a powerful dashboard development tool from Stimulsoft. A security vulnerability exists in Stimulsoft GmbH Stimulsoft Dashboard.JS versions prior to v.2024.1.2. An attacker can exploit this vulnerability to execute arbitrary code via a specially crafted...
CVE-2024-24396
Stimulsoft Dashboard.JS (Stimulsoft GmbH)
CVE-2024-24397
Summary : CVE-2024-24397 affects Stimulsoft Dashboard.JS prior to 2024.1.2. The vulnerability is a Cross Site Scripting (XSS) flaw due to improper sanitization of the ReportName field, enabling a remote attacker to execute arbitrary code via a crafted payload. The commonly cited impact is client-...
Stimulsoft GmbH Stimulsoft Dashboard.JS security vulnerability
Stimulsoft GmbH Stimulsoft Dashboard.JS is a powerful dashboard development tool from Stimulsoft. A security vulnerability exists in Stimulsoft GmbH Stimulsoft Dashboard.JS versions prior to v.2024.1.2. A remote attacker can exploit this vulnerability to execute arbitrary code via a specially...