2 matches found
CVE-2014-3777
CVE-2014-3777 affects Reportico PHP Report Designer before 4.0. A directory traversal flaw allows an attacker to read arbitrary files via the xmlin parameter (.. traversal). Multiple connected sources confirm the vulnerable component is the Reportico web UI, with the root cause in the xmlin handl...
Reportico Admin Credential Leak
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECV-05-1402 - Reportico software admin credentials leak Product description: Reportico is a comprehensive Open Source web reporting tool written purely in PHP. Reportico provides a web-based front end screen for designing and viewing reports stored i...