Lucene search
K

10 matches found

Cvelist
Cvelist
added yesterday29 views

CVE-2026-34096 Guardian Language-System XSS via name Parameter in designer.php

Guardian language-system fails to sanitize the name GET parameter before outputting it into an HTML input value attribute in designer.php line 57. An authenticated attacker can craft a URL containing script tags that execute in the victim's browser session...

4.8CVSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 2:28 a.m.6 views

CVE-2013-4611

Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving 1 the Online Designer page or 2 the Manage Survey Participants page...

10CVSS7.3AI score0.0294EPSS
Exploits0References1
OSV
OSV
added 2021/09/20 8:45 p.m.1 views

GHSA-6Q3P-36F4-CWXV Server-Side Request Forgery in UReport

UReport v2.2.9 contains a Server-Side Request Forgery SSRF in the designer page which allows attackers to detect intranet device ports...

5.3CVSS5.9AI score0.00823EPSS
Exploits1References3
CNVD
CNVD
added 2021/09/16 12:0 a.m.14 views

UReport Arbitrary Code Execution Vulnerability

UReport is a high-performance pure Java reporting engine based on the Spring architecture. The vulnerability stems from a lack of access control to the designer page. An attacker can exploit this vulnerability to execute arbitrary code...

9.8CVSS3.4AI score0.02114EPSS
Exploits1References1
CNVD
CNVD
added 2021/09/16 12:0 a.m.15 views

UReport Server-Side Request Forgery Vulnerability

UReport is a high-performance pure Java reporting engine based on the Spring architecture. a server-side request forgery vulnerability exists in the designer page of UReport version 2.2.9. An attacker can use this vulnerability to detect intranet device ports...

5.3CVSS3.5AI score0.00823EPSS
Exploits1References1
OSV
OSV
added 2021/09/15 5:15 p.m.15 views

CVE-2020-21122

UReport v2.2.9 contains a Server-Side Request Forgery SSRF in the designer page which allows attackers to detect intranet device ports...

5.3CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2021/09/15 5:15 p.m.12 views

Server side request forgery (ssrf)

UReport v2.2.9 contains a Server-Side Request Forgery SSRF in the designer page which allows attackers to detect intranet device ports...

5CVSS5.2AI score0.00823EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/09/15 4:16 p.m.45 views

CVE-2020-21124

The vulnerability CVE-2020-21124 affects UReport 2.2.9 (Java-based reporting engine). The root cause is a lack of access control on the designer page, enabling an attacker to execute arbitrary code. The sources describe this high-risk condition; no explicit remediation version is provided in the ...

9.8CVSS9.7AI score0.02114EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/09/15 12:0 a.m.4 views

UReport 代码问题漏洞

UReport is a high-performance pure Java reporting engine based on the Spring architecture. a server-side request forgery vulnerability exists in the designer page of UReport version 2.2.9. An attacker can use this vulnerability to detect intranet device ports...

5.3CVSS5.7AI score0.00823EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/15 12:0 a.m.5 views

UReport 代码注入漏洞

UReport is a high-performance pure Java reporting engine based on the Spring architecture. The vulnerability stems from a lack of access control to the designer page. An attacker can exploit this vulnerability to execute arbitrary code...

9.8CVSS6.1AI score0.02114EPSS
Exploits1References2
Rows per page
Query Builder