13 matches found
CVE-2023-7305
SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...
CVE-2023-7305
SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...
CVE-2023-7305
CVE-2023-7305 affects SmartBI V8, V9 and V10. The vulnerability is an unrestricted file upload via the RMIServlet request handling logic, enabling attackers to trigger sensitive operations or arbitrary code execution on the host under certain configurations. The vendor released a fix in July 2023...
CVE-2023-7305 SmartBI RMIServlet Unrestricted File Upload RCE
SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...
SmartBI 安全漏洞
SmartBI is a business intelligence software from China-based SmartBI. A security vulnerability exists in SmartBI versions V8, V9, and V10 that stems from an unrestricted file upload in the RMIServlet request processing logic, which could lead to the execution of arbitrary code...
VulnCheck KEV: CVE-2023-7305
SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...
CVE-2016-5515
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet...
CVE-2016-5515
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet...
CVE-2016-5515
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet...
CVE-2016-5515
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet...
CVE-2016-5515
The CVE-2016-5515 entry describes an unspecified vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite 9.3.4/9.3.5 that allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet. The NVD entry provide...
Unspecified Vulnerability in Oracle Supply Chain Products Suite Agile PLM Component (CNVD-2016-09691)
Oracle Supply Chain Products Suite is a set of supply chain solutions from Oracle, which provides value chain planning, value chain execution, product lifecycle management, etc. Oracle Agile PLM Product Lifecycle Management is one of the lifecycle management components. Oracle Agile PLM Product...