8 matches found
CVE-2013-6231
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script...
EUVD-2013-6061
Malware in sbrugna...
EUVD-2013-6062
Malware in sbrugna...
EUVD-2024-52672
Malicious code in bioql PyPI...
CVE-2024-54794
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution...
CVE-2024-54794
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution...
CVE-2024-54792
A Cross-Site Request Forgery CSRF vulnerability has been found in SpagoBI v3.5.1 in the user administration panel. An authenticated user can lead another user into executing unwanted actions inside the application they are logged in, like adding, editing or deleting users...
PT-2025-1233 · Spagobi · Spagobi
Name of the Vulnerable Software and Affected Versions: SpagoBI version 3.5.1 Description: The issue is related to the script input feature of SpagoBI, which allows arbitrary code execution. This is due to the lack of measures to neutralize special elements used in the command input field...