Lucene search
+L

85 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-38158

A SQL injection vulnerability in the /ureport/datasource/previewData component of ureport v2.2.9 allows attackers to access sensitive database information via crafted SQL statements...

9.8CVSS0.0034EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60590

Name of the Vulnerable Software and Affected Versions ureport version 2.2.9 Description A SQL injection issue exists in the /ureport/datasource/previewData endpoint, which handles datasource preview queries. The flaw stems from improper input validation and the use of unsafely constructed SQL...

9.8CVSS5.4AI score0.0034EPSS
Exploits0References4
CVE
CVE
added 3 days ago9 views

CVE-2026-38158

CVE-2026-38158 describes an SQL injection in ureport v2.2.9, specifically in the /ureport/datasource/previewData component. The vulnerability could allow an attacker to disclose sensitive database information via crafted SQL statements. The CVSS 3.1 score is 9.8 (CRITICAL), with attack vector NET...

9.8CVSS6.1AI score0.0034EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-38158

A SQL injection vulnerability in the /ureport/datasource/previewData component of ureport v2.2.9 allows attackers to access sensitive database information via crafted SQL statements...

0.0034EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-36764

A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...

5CVSS5.5AI score0.00172EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 5:16 p.m.8 views

CVE-2026-36764

A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...

5CVSS0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.37 views

CVE-2026-36764

A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...

0.00172EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.15 views

SpringBlade 代码问题漏洞

SpringBlade is a microservices development platform developed by Blade China. Version 4.8.0 of SpringBlade contains a code vulnerability. This vulnerability stems from a server-side request forgeing issue in the /ureport/datasource/testConnection endpoint. It may allow authenticated attackers to...

5CVSS5.9AI score0.00172EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/30 12:0 a.m.6 views

EUVD-2026-26399

A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...

5CVSS5.2AI score0.00172EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.8 views

CVE-2026-36764

A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...

5CVSS5.2AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.18 views

EUVD-2020-13902

Malware in sbrugna...

9.8CVSS9.4AI score0.02183EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-1996

Malware in sbrugna...

5.3CVSS5.3AI score0.0085EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-1998

Malware in sbrugna...

9.8CVSS9.2AI score0.01781EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-2941

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00948EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0697

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00918EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-0640

Malicious code in bioql PyPI...

9.1CVSS8.9AI score0.01199EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 4:34 a.m.6 views

CVE-2023-48848

An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path...

7.5CVSS6.8AI score0.00948EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:20 a.m.15 views

CVE-2023-24188

ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to be deleted...

9.1CVSS7.5AI score0.01199EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:56 a.m.15 views

CVE-2023-24187

An XML External Entity XXE vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile...

7.8CVSS7.7AI score0.00918EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:50 p.m.26 views

CVE-2020-21125

An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code...

9.8CVSS7.5AI score0.01781EPSS
Exploits1
Rows per page
Query Builder