30 matches found
CVE-2023-25263
In Stimulsoft Designer Desktop 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. The secret does not differ between the tested versions and different operating...
CVE-2023-25260
Stimulsoft Designer Web 2023.1.3 is vulnerable to Local File Inclusion...
EUVD-2023-29222
Malicious code in bioql PyPI...
EUVD-2023-29224
Malicious code in bioql PyPI...
EUVD-2023-29225
Malicious code in bioql PyPI...
CVE-2023-25261
Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer Desktop 2023.1.4 and Stimulsoft Designer Web 2023.1.3 and Stimulsoft Viewer Web 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include sour...
CVE-2023-25262
Stimulsoft GmbH Stimulsoft Designer Web 2023.1.3 is vulnerable to Server Side Request Forgery SSRF. TThe Reporting Designer Web offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather...
CVE-2023-25260
Stimulsoft Designer Web 2023.1.3 is vulnerable to Local File Inclusion...
CVE-2023-25260
Stimulsoft Designer Web 2023.1.3 is vulnerable to Local File Inclusion...
Design/Logic Flaw
Stimulsoft Designer Web 2023.1.3 is vulnerable to Local File Inclusion...
CVE-2023-25262
Stimulsoft GmbH Stimulsoft Designer Web 2023.1.3 is vulnerable to Server Side Request Forgery SSRF. TThe Reporting Designer Web offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather...
Server side request forgery (ssrf)
Stimulsoft GmbH Stimulsoft Designer Web 2023.1.3 is vulnerable to Server Side Request Forgery SSRF. TThe Reporting Designer Web offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather...
CVE-2023-25262
Stimulsoft GmbH Stimulsoft Designer Web 2023.1.3 is vulnerable to Server Side Request Forgery SSRF. TThe Reporting Designer Web offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather...
PT-2023-20003 · Stimulsoft · Stimulsoft Designer
Name of the Vulnerable Software and Affected Versions: Stimulsoft Designer Web version 2023.1.3 Description: The issue is related to Local File Inclusion. Recommendations: For Stimulsoft Designer Web version 2023.1.3, at the moment, there is no information about a newer version that contains a fi...
Stimulsoft GmbH Stimulsoft Designer 代码问题漏洞
Stimulsoft GmbH Stimulsoft Designer is a robust product from Stimulsoft that runs on any computer and any platform. Engine, report designer and viewer for generating reports and analyzing data. A security vulnerability exists in Stimulsoft Designer Web version 2023.1.3, which stems fromThe...
CVE-2023-25260
Stimulsoft Designer Web 2023.1.3 is vulnerable to Local File Inclusion...
CVE-2023-25260
Stimulsoft Designer Web 2023.1.3 is vulnerable to Local File Inclusion...
CVE-2023-25261
Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer Desktop 2023.1.4 and Stimulsoft Designer Web 2023.1.3 and Stimulsoft Viewer Web 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include sour...
CVE-2023-25263
In Stimulsoft Designer Desktop 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. The secret does not differ between the tested versions and different operating...
CVE-2023-25263
In Stimulsoft Designer Desktop 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. The secret does not differ between the tested versions and different operating...