100 matches found
CVE-2013-6231
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script...
EUVD-2013-6061
Malware in sbrugna...
EUVD-2013-6063
Malware in sbrugna...
EUVD-2013-6062
Malware in sbrugna...
EUVD-2014-7167
Malware in sbrugna...
EUVD-2024-52673
Malicious code in bioql PyPI...
EUVD-2024-52672
Malicious code in bioql PyPI...
EUVD-2024-52671
Malicious code in bioql PyPI...
CVE-2024-54792
A Cross-Site Request Forgery CSRF vulnerability has been found in SpagoBI v3.5.1 in the user administration panel. An authenticated user can lead another user into executing unwanted actions inside the application they are logged in, like adding, editing or deleting users...
CVE-2024-54795
SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting XSS vulnerabilities in the create/edit forms of the worksheet designer function...
CVE-2024-54794
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution...
CVE-2024-57971
DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI Name...
CVE-2024-57971
DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI Name...
CVE-2024-57971
DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI Name...
CVE-2024-57971
DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI Name...
Knowage 安全漏洞
Knowage is an open source suite for modern business analytics on legacy resources and big data systems from Knowage Italy. A security vulnerability exists in Knowage versions prior to 8.1.30, which stems from DataSourceResource.java in the SpagoBI API support not ensuring that java:comp/env/jdbc/...
CVE-2024-57971
Knowage before 8.1.30 is affected by CVE-2024-57971 due to DataSourceResource.java in the SpagoBI API support not ensuring that java:comp/env/jdbc/ occurs at the beginning of a JNDI name. This misconfiguration can expose a high-severity vulnerability with a CVSS v3.1 base score of 9.1 (Network, L...
SpagoBI 3.5.1 Cross Site Request Forgery
SpagoBI versions 3.5.1 and below suffer from a cross site request forgery vulnerability. CVE-2024-54792 Severity : Medium 6.1 CVSS score : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by CSRF in the admin panel that...
SpagoBI 3.5.1 Cross Site Scripting
SpagoBI versions 3.5.1 and below suffer from persistent cross site scripting vulnerabilities. CVE-2024-54795 Severity : Medium 5.4 CVSS score : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by multiple stored XSS inside...
SpagoBI 3.5.1 Cross Site Scripting Vulnerability
CVE-2024-54795 Severity : Medium 5.4 CVSS score : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by multiple stored XSS inside of the worksheet designer page. Poc Steps to Reproduce : 1. While editing a document insertin...