
28 matches found

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-28591

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.0038
Exploits 1 · References 2
RedhatCVE
added 2025/08/23 12:23 a.m. · 4 views

CVE-2025-55522

Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...

CVSS 6.5 · AI score 6.3 · EPSS 0.0038
Exploits 1 · References 1
Cvelist
added 2025/08/21 12:0 a.m. · 10 views

CVE-2025-55522

Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...

EPSS 0.0038
Exploits 1 · References 2
NVD
added 2024/12/05 8:15 p.m. · 26 views

CVE-2024-53442

whapa v1.59 is vulnerable to Command Injection via a crafted filename to the HTML reports component...

CVSS 9.8 · EPSS 0.01318
Exploits 0 · References 2
CVE
added 2024/12/05 12:0 a.m. · 59 views

CVE-2024-53442

CVE-2024-53442 affects whapa v1.59; a command injection can be triggered by a crafted filename in the HTML reports component. The CVSSv3.1 base score is 9.8 (CRITICAL). Reported by multiple sources (NVD/Red Hat/CNNVD) with exploitation considerations and references. Practical impact is potential ...

CVSS 9.8 · AI score 7.1 · EPSS 0.01318
Exploits 0 · References 2
Positive Technologies
added 2024/12/05 12:0 a.m. · 4 views

PT-2024-35743 · Whapa · Whapa

Name of the Vulnerable Software and Affected Versions: whapa version 1.59 Description: The issue concerns command injection via a crafted filename in the HTML reports component. This allows for potential exploitation through manipulated file names. Recommendations: For whapa version 1.59, conside...

CVSS 9.8 · AI score 7.6 · EPSS 0.01318
Exploits 0 · References 6
BDU FSTEC
added 2024/10/28 12:0 a.m. · 1 views

The vulnerability of the Reports component of the Oracle Banking Liquidity Management platform allows a hacker to gain full control over the application.

The vulnerability of the Reports component of the Oracle Banking Liquidity Management platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full control over the application using th...

CVSS 7.1 · AI score 7.6 · EPSS 0.00325
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2024/10/28 12:0 a.m. · 3 views

The vulnerability of the Reports component of the Oracle Banking Liquidity Management platform allows a hacker to gain full control over the application.

The vulnerability of the Reports component of the Oracle Banking Liquidity Management platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full control over the application using th...

CVSS 7.1 · AI score 7.6 · EPSS 0.00325
Exploits 0 · References 4 · Affected Software 1
CNNVD
added 2024/02/03 12:0 a.m. · 4 views

HCL Technologies HCL BigFix Platform Cross-Site Scripting Vulnerability

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A cross-site scripting vulnerability exists in HCL BigFix Platform, which stems...

CVSS 6.5 · AI score 6.3 · EPSS 0.00337
Exploits 0 · References 2
OSV
added 2024/02/02 7:15 p.m. · 3 views

CVE-2023-37527

A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious JavaScript code in the application session or in database, via remote injection, while rendering content in a web page...

CVSS 6.1 · AI score 5.9 · EPSS 0.00356
Exploits 0 · References 1
Positive Technologies
added 2024/02/02 12:0 a.m. · 6 views

PT-2024-12632 · Hcl · Hcl Bigfix Platform

Name of the Vulnerable Software and Affected Versions: HCL BigFix Platform affected versions not specified Description: A cross-site scripting XSS vulnerability in the Web Reports component can possibly allow an attack to exploit an application parameter during execution of the Save Report...

CVSS 6.5 · AI score 6.1 · EPSS 0.00337
Exploits 0 · References 5
Positive Technologies
added 2023/12/07 12:0 a.m. · 6 views

PT-2023-9590 · Oracle · Oracle Banking Liquidity Management

Name of the Vulnerable Software and Affected Versions: Oracle Banking Liquidity Management version 14.5.0.12.0 Description: The issue is related to a component called Reports in the Oracle Banking Liquidity Management product. It allows a low-privileged attacker with network access via HTTP to...

CVSS 7.1 · AI score 7.8 · EPSS 0.00325
Exploits 0 · References 8
BDU FSTEC
added 2023/10/02 12:0 a.m. · 6 views

The vulnerability of the Reports component in the Nozomi Guardian network activity detection and tracking tool, as well as the Nozomi Central Management Console (CMC), allows a malicious actor to trigger a service failure.

The vulnerability of the Reports component of the Nozomi Guardian network activity detection and tracking tool, as well as the Nozomi Central Management Console (CMC), relates to the issue of saving reports with a null name due to insufficient validation of input data. Exploiting this vulnerability...

CVSS 4.3 · AI score 5.5 · EPSS 0.00453
Exploits 0 · References 2 · Affected Software 2
BDU FSTEC
added 2022/07/13 12:0 a.m. · 3 views

The vulnerability of the “Reports” component of the TUG Home Base Server allows an attacker to perform XSS attacks.

The vulnerability of the “Reports” component of the TUG Home Base Server is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to carry out XSS attacks...

CVSS 9 · AI score 6.2 · EPSS 0.00563
Exploits 0 · References 3 · Affected Software 1
CNVD
added 2021/10/20 12:0 a.m. · 26 views

Oracle E-Business Suite Denial of Service Vulnerability (CNVD-2022-02355)

Oracle E-Business Suite is an extension of the original Application ERP and includes a collection of ERP Enterprise Resource Planning Management, HR Human Resource Management, CRM Customer Relationship Management and other applications that are seamlessly integrated into one management suite...

CVSS 6.5 · AI score 1.2 · EPSS 0.00487
Exploits 0 · References 1
CNVD
added 2021/10/20 12:0 a.m. · 18 views

Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2022-02356)

Oracle E-Business Suite is an extension of the original Application ERP and includes a collection of ERP Enterprise Resource Planning Management, HR Human Resource Management, CRM Customer Relationship Management and other applications that are seamlessly integrated into one management suite...

CVSS 6.1 · AI score 1.9 · EPSS 0.00657
Exploits 0 · References 1
CNNVD
added 2021/10/19 12:0 a.m. · 3 views

Oracle E-Business Suite and Oracle Applications Manager Security Vulnerability

Oracle E-Business Suite is an extension of the original Application ERP and includes a collection of ERP Enterprise Resource Planning Management, HR Human Resource Management, CRM Customer Relationship Management and other applications that are seamlessly integrated into one management suite...

CVSS 6.5 · AI score 5.7 · EPSS 0.00487
Exploits 0 · References 3
OSV
added 2021/07/21 12:15 a.m. · 3 views

CVE-2021-2448

Vulnerability in the Oracle Financial Services Crime and Compliance Investigation Hub product of Oracle Financial Services Applications component: Reports. The supported version that is affected is 20.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the...

CVSS 3.7 · AI score 7.3 · EPSS 0.00287
Exploits 0 · References 1
CNNVD
added 2021/07/20 12:0 a.m. · 2 views

Oracle Financial Services Applications Security Vulnerability

Oracle Financial Services Crime and Compliance Investigation Hub, an end-user application for comprehensive financial crime investigations, has a security vulnerability in the Reports component of Oracle Financial Services Crime and Compliance A security vulnerability exists in the Reports...

CVSS 3.7 · AI score 8.3 · EPSS 0.00287
Exploits 0 · References 3
Positive Technologies
added 2021/04/22 12:0 a.m. · 6 views

PT-2021-2849

Name of the Vulnerable Software and Affected Versions Oracle iSetup versions 12.1.3 and 12.2.3 through 12.2.10 Description The issue is related to errors in the code of the General Ledger Update Transform and Reports components of Oracle iSetup in the Oracle E-Business Suite system. This can allo...

CVSS 8.5 · AI score 7 · EPSS 0.00987
Exploits 0 · References 7