EUVD-2026-36633

Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVE-2026-11442 Allegra exportReport Directory Traversal Information Disclosure Vulnerability

Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

PT-2024-13652 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions through 7250 Description: The issue is related to SQL Injection in the report export option. Recommendations: For Zoho ManageEngine ADAudit Plus versions through 7250, update to a version later than 725...

CVE-2023-41261

An issue was discovered in /fcgi/scrutfcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV does not require authentication and allows an unauthenticated user to export a report and access the results...

CVE-2023-41262

An issue was discovered in /fcgi/scrutfcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context of the application...

PT-2023-27874 · Plixer · Plixer Scrutinizer

Name of the Vulnerable Software and Affected Versions: Plixer Scrutinizer versions prior to 19.3.1 Description: An issue was discovered in the /fcgi/scrut fcgi.fcgi endpoint. The csvExportReport endpoint action generateCSV does not require authentication, allowing an unauthenticated user to expor...

CVE-2023-41261

An issue was discovered in /fcgi/scrutfcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV does not require authentication and allows an unauthenticated user to export a report and access the results...

The vulnerability of the export report function implementation in Centreon software for IT infrastructure monitoring allows a hacker to execute arbitrary SQL commands.

The vulnerability of the software’s reporting export function for IT infrastructure monitoring in Centreon relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using the script...

Export report email from Veeam Explorer for Microsoft Exchange is sent in an unexpected language

Challenge Export reports sent by Veeam Explorer for Microsoft Exchange are illegible or unexpectedly contain Chinese characters. Cause The issue is caused by an encoding conflict. By default, Veeam Explorer for Microsoft Exchange uses UTF-16 character encoding, and the issue appears under followi...

SAP Crystal Reports - Information Disclosure Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Sensitive Information Disclosure in SAP Crystal Reports Exploit Author: Mohamed M.Fouad - From SecureMisr Company Vendor Homepage: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114 Version: SAP Crystal...

perfact::mpa Persistent Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-066 Product: perfact::mpa Manufacturer: PerFact Innovation GmbH & Co. KG Affected Versions: Custom versions using PerFact DBUtils Toolkit v3.2 Tested Versions: Custom version with PerFact DBUtils Toolkit v3.2 Vulnerability Typ...