2 matches found
AJ-Report SQL Injection Vulnerability (CNVD-2024-34975)
AJ-Report is a fully open source, drag-and-drop editing visualization design tool. AJ-Report version 1.4.1 suffers from a SQL injection vulnerability, which can be exploited by an attacker to send specially crafted SQL statements to the /pageList script using the 'p' parameter to view, add, modif...
AJ-Report Server-Side Request Forgery Vulnerability
AJ-Report is a completely open source BI platform. AJ-Report version 0.9.8.6 suffers from a server-side request forgery vulnerability that can be exploited by an attacker to perform a server-side request forgery attack...