5 matches found
Remote Code Execution
com.bstek.ureport:ureport2-console is vulnerable to remote code execution. A remote attacker is able to read sensitive user files and deserialize local gadgets by connecting the system to a malicious database server...
GHSA-W39X-CHVM-PJ3C Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console
All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...
CVE-2022-25767 Remote Code Execution
All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...
CVE-2022-25767
All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...
Remote Code Execution (RCE)
Overview com.bstek.ureport:ureport2-console is an UReport2 is a high-performance pure Java report engine based on Spring architecture, where complex Chinese-style statements and reports can be prepared by iterating over cells. Affected versions of this package are vulnerable to Remote Code...