85 matches found
CVE-2026-38158
A SQL injection vulnerability in the /ureport/datasource/previewData component of ureport v2.2.9 allows attackers to access sensitive database information via crafted SQL statements...
PT-2026-60590
Name of the Vulnerable Software and Affected Versions ureport version 2.2.9 Description A SQL injection issue exists in the /ureport/datasource/previewData endpoint, which handles datasource preview queries. The flaw stems from improper input validation and the use of unsafely constructed SQL...
CVE-2026-38158
CVE-2026-38158 describes an SQL injection in ureport v2.2.9, specifically in the /ureport/datasource/previewData component. The vulnerability could allow an attacker to disclose sensitive database information via crafted SQL statements. The CVSS 3.1 score is 9.8 (CRITICAL), with attack vector NET...
CVE-2026-38158
A SQL injection vulnerability in the /ureport/datasource/previewData component of ureport v2.2.9 allows attackers to access sensitive database information via crafted SQL statements...
CVE-2026-36764
A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...
CVE-2026-36764
A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...
CVE-2026-36764
A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...
SpringBlade 代码问题漏洞
SpringBlade is a microservices development platform developed by Blade China. Version 4.8.0 of SpringBlade contains a code vulnerability. This vulnerability stems from a server-side request forgeing issue in the /ureport/datasource/testConnection endpoint. It may allow authenticated attackers to...
EUVD-2026-26399
A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...
CVE-2026-36764
A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...
EUVD-2020-13902
Malware in sbrugna...
EUVD-2021-1996
Malware in sbrugna...
EUVD-2021-1998
Malware in sbrugna...
EUVD-2023-2941
Malicious code in bioql PyPI...
EUVD-2023-0697
Malicious code in bioql PyPI...
EUVD-2023-0640
Malicious code in bioql PyPI...
CVE-2023-48848
An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path...
CVE-2023-24188
ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to be deleted...
CVE-2023-24187
An XML External Entity XXE vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile...
CVE-2020-21125
An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code...