
40 matches found

GithubExploit
added 2026/05/11 7:31 a.m. · 95 views

c2birtengine

BIRT File Upload RCE – C2 over HTTPS This repository provides...

5.9 AI score
Exploits 0

VulnCheck KEV
added 2025/12/16 12:0 a.m. · 11 views

VulnCheck KEV: CVE-2021-34427

In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote current BIRT viewer dir to inject JSP code into the running instance...

9.8 CVSS · 5.9 AI score · 0.5771 EPSS
In wild · Exploits 4 · References 2

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2009-4487

Malware in sbrugna...

4.3 CVSS · 8.2 AI score · 0.01961 EPSS
Exploits 1 · References 8

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2019-3444

Malware in sbrugna...

6.1 CVSS · 6.3 AI score · 0.00897 EPSS
Exploits 1 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2023-0864

Malicious code in bioql PyPI...

8.8 CVSS · 8.6 AI score · 0.00735 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2024/05/11 12:0 a.m. · 19 views

RHEL 6 : eclipse-birt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - eclipse-birt: RCE on the default configuration of BIRT Viewer CVE-2023-0100 Note that Nessus has not tested for thi...

8.8 AI score · 0.00735 EPSS
Exploits 0 · References 1

RedhatCVE
added 2023/03/16 6:13 a.m. · 39 views

CVE-2023-0100

A flaw was found in Eclipse BIRT, where the default configuration allowed retrieval of a report from the same host using an absolute HTTP path for the report parameter for example, report=http://xyz.com/report.rptdesign. The report would be retrieved if the host indicated in the report parameter...

9.8 CVSS · 8.2 AI score · 0.00735 EPSS
Exploits 0 · References 4

OSV
added 2023/03/15 3:30 p.m. · 35 views

GHSA-4GRC-Q4FJ-45P8 Improper Input Validation In Eclipse BIRT

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...

8.8 CVSS · 8.5 AI score · 0.00735 EPSS
Exploits 0 · References 4

Github Security Blog
added 2023/03/15 3:30 p.m. · 31 views

Improper Input Validation In Eclipse BIRT

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...

8.8 CVSS · 8.3 AI score · 0.00735 EPSS
Exploits 0 · References 4 · Affected Software 1

NVD
added 2023/03/15 3:15 p.m. · 37 views

CVE-2023-0100

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...

8.8 CVSS · 8.6 AI score · 0.00735 EPSS
Exploits 0 · References 1

OSV
added 2023/03/15 3:15 p.m. · 18 views

CVE-2023-0100

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...

8.8 CVSS · 8.8 AI score
Exploits 0 · References 1

Prion
added 2023/03/15 3:15 p.m. · 18 views

Design/Logic Flaw

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...

6.5 CVSS · 8.6 AI score · 0.00735 EPSS
Exploits 0 · References 1 · Affected Software 1

CVE
added 2023/03/15 12:0 a.m. · 106 views

CVE-2023-0100

CVE-2023-0100 (Eclipse BIRT) affects BIRT versions starting from 2.6.2 where the default configuration allowed retrieval of a report from the same host using an absolute HTTP path in the __report parameter. If the HTTP Host header could be tampered with (e.g., configurations with no virtual hosts...

8.8 CVSS · 8.4 AI score · 0.00735 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/03/15 12:0 a.m. · 37 views

CVE-2023-0100

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...

8.8 AI score · 0.00735 EPSS
Exploits 0 · References 1

CNNVD
added 2023/03/15 12:0 a.m. · 4 views

Eclipse BIRT Security Vulnerability

Eclipse BIRT is a suite of open source software from the Eclipse Foundation that provides reporting and business intelligence capabilities for rich client applications and web applications. A security vulnerability exists in Eclipse BIRT versions prior to 4.13 that stems from a default...

8.8 CVSS · 7.8 AI score · 0.00735 EPSS
Exploits 0 · References 3

Positive Technologies
added 2023/03/15 12:0 a.m. · 6 views

PT-2023-2201 · Eclipse · Eclipse Birt

Name of the Vulnerable Software and Affected Versions: Eclipse BIRT versions 2.6.2 through 4.12 Description: The issue is related to insufficient input validation when processing host headers with the report parameter. This could allow a remote attacker to gain unauthorized access to protected...

10 CVSS · 7.5 AI score · 0.00735 EPSS
Exploits 0 · References 12

Vulnrichment
added 2023/03/15 12:0 a.m. · 8 views

CVE-2023-0100

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...

8.6 AI score · 0.00735 EPSS
Exploits 0 · References 1

0day.today
added 2022/12/24 12:0 a.m. · 428 views

Eclipse Business Intelligence Reporting Tool 4.11.0 Remote Code Execution Vulnerability

======================================================================= title: Remote code execution - CVE-2021-34427 bypass product: Eclipse Business Intelligence Reporting Tool BiRT vulnerable version: = 4.11.0 fixed version: 4.12 CVE number: CVE-2021-34427 impact: High homepage:...

9.8 CVSS · 9.7 AI score · 0.5771 EPSS
Exploits 4

RedhatCVE
added 2021/06/28 7:16 p.m. · 76 views

CVE-2021-34427

A flaw was found in eclipse-birt. An attacker can use query parameters to create a JSP file which is accessible from remote current BIRT viewer dir to inject JSP code into the running instance. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

9.8 CVSS · 4.2 AI score · 0.5771 EPSS
Exploits 4 · References 1

NVD
added 2021/06/25 7:15 p.m. · 14 views

CVE-2021-34427

In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote current BIRT viewer dir to inject JSP code into the running instance...

9.8 CVSS · 0.5771 EPSS
Exploits 4 · References 3