6 matches found
CVE-2013-6231
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script...
CVE-2021-30213
Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting XSS. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter...
Privilege escalation
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script...
CVE-2013-6231
CVE-2013-6231 affects SpagoBI (primarily SpagoBI 4.0). The vulnerability is a privilege-escalation flaw in the AdapterHTTP servlet (ACTION_NAME=MANAGE_USER_ACTION) that can be triggered by crafted input, enabling a remote attacker to gain Administrator privileges after authenticating. Remediation...
CVE-2013-6231
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script...
SpagoBI远程权限提升漏洞
BUGTRAQ ID: 65925 CVECAN ID: CVE-2013-6231 SpagoBI是开源的商业智能软件包。 SpagoBI 4.0及其他版本的服务程序AdapterHTTP?ACTIONNAME=MANAGEUSERACTION由特制输入执行时会触发权限提升漏洞,该漏洞可使远程攻击者获取管理员权限。 0 SpagoBI SpagoBI 4.0 厂商补丁: SpagoBI ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: www.spagoworld.org...