EUVD-2025-209892
An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing an Angular template payload, or a victim can be socially engineered to...
PT-2026-41887
An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing an Angular template payload, or a victim can be socially engineered to...
Hitachi Energy Ellipse
SUMMARY: Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This vulnerability can be exploited to carry out a remote code execution (RCE) attack on the product. Please refer to the Recommended Immediate Actions for...
SUSE CVE-2017-18900
An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injection via a compliance report...
CVE-2025-7633
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report...
CVE-2025-7430
Summary: CVE-2025-7430 affects Zohocorp ManageEngine Exchange Reporter Plus. The vulnerability is a Stored XSS in the Folder Message Count and Size report. Affected versions are 5723 and below. The root cause is not explicitly broken out in all sources, but descriptions consistently indicate th...
PT-2025-46318
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below. Description: The software contains a Stored Cross-Site Scripting (XSS) issue within the Folder Message Count and Size report. This allows for the injection of malicious scripts...
EUVD-2009-0504
Malware in sbrugna...
EUVD-2019-11069
Malware in sbrugna...
EUVD-2009-1057
Malware in sbrugna...
CVE-2025-10087
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profitreport.php. Such manipulation of the argument productid leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2011-10017
Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...
CVE-2025-51534
creationtimestamp| type| source
---|---|---
2025-08-04 19:27:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvlwgvjzxt2d...
CVE-2025-7118
creationtimestamp| type| source
---|---|---
2025-07-06 15:53:09+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114807091273624631
2025-07-07 09:40:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lteili4zau2a
2026-01-08 20:16:37+00:00| published-proof-of-concept|...
CVE-2025-38207
creationtimestamp| type| source
---|---|---
2025-07-04 15:03:05+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114795569816587848
2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8
2026-03-19 00:00:00+00:00| seen|...
CVE-2025-5813
creationtimestamp| type| source
---|---|---
2025-06-26 03:48:42+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19566
2025-06-26 06:27:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsiin52y752s...
CVE-2025-6512
CVE-2025-6512 affects BRAIN2 (PT-Security entry PT-2025-26595) with BRAIN2 versions 0.0–3.05 vulnerable to code injected via report scripts by non-admin users. The script in a report can be executed on the BRAIN2 server with administrator rights, enabling potential code injection. Root cause: imp...
CVE-2025-5578 PHPGurukul Dairy Farm Shop Management System sales-report-details.php sql injection
A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sales-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can ...
CVE-2024-52506
Graylog is a free and open log management platform. The reporting functionality in Graylog allows the creation and scheduling of reports which contain dashboard widgets displaying individual log messages or metrics aggregated from fields of multiple log messages. This functionality, as included i...
CVE-2024-6618
In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library (DLL)...