Lucene search
+L

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-5055

Malware in sbrugna...

2.1CVSS6.4AI score0.00409EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-5054

Malware in sbrugna...

4.3CVSS6.4AI score0.01128EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-5056

Malware in sbrugna...

5CVSS6.4AI score0.01135EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2011/09/22 12:0 a.m.25 views

Pentaho BI Server Multiple Vulnerabilities

The host is running Pentaho BI Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodpentahobiservermultvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Pentaho BI Server Multiple Vulnerabilities Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

5CVSS0.3AI score0.01135EPSS
Exploits3References4
NVD
NVD
added 2011/09/13 7:59 p.m.15 views

CVE-2009-5099

Cross-site scripting XSS vulnerability in ViewAction in Pentaho BI Server 1.7.0.1062 and earlier allows remote attackers to inject arbitrary web script or HTML via the outputType parameter...

4.3CVSS5.7AI score0.01128EPSS
Exploits1References5
NVD
NVD
added 2011/09/13 7:59 p.m.20 views

CVE-2009-5101

Pentaho BI Server 1.7.0.1062 and earlier includes the session ID JSESSIONID in the URL, which allows attackers to obtain it from session history, referer headers, or sniffing of web traffic...

5CVSS6.5AI score0.01135EPSS
Exploits1References3
NVD
NVD
added 2011/09/13 7:59 p.m.16 views

CVE-2009-5100

Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete tag to off on web pages using a password field, which might allow physically proximate attackers to obtain the password...

2.1CVSS6.5AI score0.00409EPSS
Exploits1References3
Prion
Prion
added 2011/09/13 7:59 p.m.12 views

Session fixation

Pentaho BI Server 1.7.0.1062 and earlier includes the session ID JSESSIONID in the URL, which allows attackers to obtain it from session history, referer headers, or sniffing of web traffic...

5CVSS7AI score0.01135EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2011/09/13 7:0 p.m.20 views

CVE-2009-5099

Cross-site scripting XSS vulnerability in ViewAction in Pentaho BI Server 1.7.0.1062 and earlier allows remote attackers to inject arbitrary web script or HTML via the outputType parameter...

5.7AI score0.01128EPSS
Exploits1References5
CVE
CVE
added 2011/09/13 7:0 p.m.49 views

CVE-2009-5099

The Connected documents confirm CVE-2009-5099 affects Pentaho BI Server (1.7.0.1062 and earlier) via a Cross‑Site Scripting vulnerability in the ViewAction component, exploitable through the outputType parameter. Root cause: insufficient input validation/sanitization of the outputType parameter a...

4.3CVSS5.9AI score0.01128EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2011/09/13 7:0 p.m.28 views

CVE-2009-5101

Pentaho BI Server 1.7.0.1062 and earlier includes the session ID JSESSIONID in the URL, which allows attackers to obtain it from session history, referer headers, or sniffing of web traffic...

6.4AI score0.01135EPSS
Exploits1References3
Rows per page
Query Builder