4 matches found
B&R Industrial Automation B&R APROL 代码注入漏洞
B&R Industrial Automation B&R APROL is a process control system from B&R Industrial Automation, Austria. A code injection vulnerability exists in B&R Industrial Automation B&R APROL versions prior to 4.4-00P5, which stems from a code injection in the AprolCreateReport component that could allow a...
UBUNTU-CVE-2019-17382
An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password i.e., anonymously. All created elements...
Unitrends Enterprise Backup File Upload Vulnerability
Unitrends Enterprise Backup is backup software that incorporates cloud continuity services to ensure the recovery of your virtual, physical and cloud data, systems and applications. A file upload vulnerability exists in the createReportName and saveReport functions in Unitrends Enterprise Backup'...
ManageEngine ServiceDesk Plus 'CreateReportTable.jsp' SQL Injection Vulnerability
ServiceDesk Plus is web-based helpdesk software that helps users manage all their communications from a single point. ManageEngine ServiceDesk Plus 'CreateReportTable.jsp' has a SQL injection vulnerability due to the program failing to adequately filter user-supplied data before using it in SQL...