Lucene search
K

31 matches found

OSV
OSV
added 2025/09/27 1:1 a.m.5 views

CVE-2025-59945 SysReptor Susceptible to Privilege Escalation by Authenticated Users

SysReptor is a fully customizable pentest reporting platform. In versions from 2024.74 to before 2025.83, authenticated and unprivileged non-admin users can assign the isprojectadmin permission to their own user. This allows users to read, modify and delete pentesting projects they are not member...

8.1CVSS6.5AI score0.00306EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/27 12:0 a.m.7 views

Syslifters Sysreptor 安全漏洞

Syslifters Sysreptor is a penetration test reporting platform from Syslifters, Inc. A security vulnerability exists in Syslifters Sysreptor versions 2024.74 through prior to 2025.83, which stems from allowing an unprivileged user to assign the isprojectadmin privilege, which could lead to...

8.1CVSS6.5AI score0.00306EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/14 5:17 a.m.19 views

CVE-2024-36076

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session...

8.8CVSS6.6AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2024/05/19 8:15 p.m.15 views

CVE-2024-36076

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session...

8.8CVSS6.3AI score0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/19 7:22 p.m.26 views

CVE-2024-36076

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session...

6.3AI score0.00247EPSS
Exploits0References2
CVE
CVE
added 2024/05/19 7:22 p.m.107 views

CVE-2024-36076

CVE-2024-36076 affects SysReptor, with vulnerable versions 2024.28–2024.30. The issue is Cross-Site WebSocket Hijacking, allowing an attacker to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain within the same browser sess...

8.8CVSS6.5AI score0.00247EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/19 7:22 p.m.17 views

CVE-2024-36076

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session...

6.7AI score0.00247EPSS
Exploits0References2
OSV
OSV
added 2024/05/19 7:22 p.m.17 views

CVE-2024-36076

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session...

8.8CVSS6.2AI score0.00247EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/19 12:0 a.m.9 views

PT-2024-26885

Name of the Vulnerable Software and Affected Versions SysReptor versions 2024.28 through 2024.30 SysReptor versions prior to 2024.40 Description The issue allows attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomai...

8.8CVSS6.5AI score0.00247EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/05/19 12:0 a.m.5 views

Syslifters SysReptor 安全漏洞

Syslifters SysReptor is a fully customizable offensive security reporting solution from Syslifters. A security vulnerability exists in Syslifters SysReptor versions prior to 2024.40 that stems from the presence of a cross-site request forgery vulnerability...

8.8CVSS6.6AI score0.00247EPSS
Exploits0References3
Kitploit
Kitploit
added 2023/07/14 12:30 p.m.80 views

Sysreptor - Fully Customisable, Offensive Security Reporting Tool Designed For Pentesters, Red Teamers And Other Security-Related People Alike

Easy and customisable pentest report creator based on simple web technologies. SysReptor is a fully customisable, offensive security reporting tool designed for pentesters, red teamers and other security-related people alike. You can create designs based on simple HTML and CSS, write your reports...

7.2AI score
Exploits0References1
Rows per page
Query Builder