Lucene search
K

90 matches found

Positive Technologies
Positive Technologies
added 2022/10/29 12:0 a.m.16 views

PT-2022-11683 · Stimulsoft · Stimulsoft Reports

Name of the Vulnerable Software and Affected Versions: Stimulsoft aka Stimulsoft Reports version 2013.1.1600.0 Description: The issue allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine. This is demonstrat...

9.8CVSS9.3AI score0.00962EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/29 12:0 a.m.6 views

Stimulsoft 安全漏洞

Stimulsoft Stimulsoft Reports is an excellent set of reporting components for the .NET platform from Stimulsoft. NET platform for processing reports in JavaScript applications. A security vulnerability exists in Stimulsoft version 2013.1.1600.0, which stems from a vulnerability that allows an...

9.8CVSS8.8AI score0.00962EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/10/29 12:0 a.m.7 views

CVE-2021-42777

Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...

9.5AI score0.00962EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/10/29 12:0 a.m.31 views

CVE-2021-42777

Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...

9.7AI score0.00962EPSS
Exploits1References1
CVE
CVE
added 2022/10/29 12:0 a.m.54 views

CVE-2021-42777

CVE-2021-42777 affects Stimulsoft (Stimulsoft Reports) version 2013.1.1600.0; when Compilation Mode is enabled, it allows an attacker to execute arbitrary C# code on any machine rendering a report (server or client) via System.Diagnostics.Process.Start. The vulnerability is a code-execution risk ...

9.8CVSS9.4AI score0.00962EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2020/08/18 9:15 p.m.3 views

CVE-2020-15865

A Remote Code Execution vulnerability in Stimulsoft aka Stimulsoft Reports 2013.1.1600.0 allows an attacker to encode C scripts as base-64 in the report XML file so that they will be compiled and executed on the server that processes this file. This can be used to fully compromise the server...

9.8CVSS7.4AI score0.05116EPSS
Exploits1References1
NVD
NVD
added 2020/08/18 9:15 p.m.16 views

CVE-2020-15865

A Remote Code Execution vulnerability in Stimulsoft aka Stimulsoft Reports 2013.1.1600.0 allows an attacker to encode C scripts as base-64 in the report XML file so that they will be compiled and executed on the server that processes this file. This can be used to fully compromise the server...

10CVSS9.6AI score0.05116EPSS
Exploits1References1
Prion
Prion
added 2020/08/18 9:15 p.m.25 views

Remote code execution

A Remote Code Execution vulnerability in Stimulsoft aka Stimulsoft Reports 2013.1.1600.0 allows an attacker to encode C scripts as base-64 in the report XML file so that they will be compiled and executed on the server that processes this file. This can be used to fully compromise the server...

10CVSS9.5AI score0.05116EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/08/18 8:2 p.m.25 views

CVE-2020-15865

A Remote Code Execution vulnerability in Stimulsoft aka Stimulsoft Reports 2013.1.1600.0 allows an attacker to encode C scripts as base-64 in the report XML file so that they will be compiled and executed on the server that processes this file. This can be used to fully compromise the server...

9.6AI score0.05116EPSS
Exploits1References1
CVE
CVE
added 2020/08/18 8:2 p.m.46 views

CVE-2020-15865

CVE-2020-15865 affects Stimulsoft Reports (2013.1.1600.0). A vulnerability lets an attacker encode C# scripts as base-64 in the report XML, causing them to be compiled and executed on the server that processes the file, potentially yielding full server compromise. CVSSv3.1 metrics: AV:N/AC:L/PR:N...

10CVSS9.5AI score0.05116EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder