CVE-2023-41261

An issue was discovered in /fcgi/scrutfcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV does not require authentication and allows an unauthenticated user to export a report and access the results...

PT-2023-27875 · Plixer · Plixer Scrutinizer

Name of the Vulnerable Software and Affected Versions: Plixer Scrutinizer versions prior to 19.3.1 Description: An issue was discovered in the /fcgi/scrut fcgi.fcgi endpoint, specifically in the csvExportReport endpoint action generateCSV, which is vulnerable to SQL injection through the sorting...

PT-2023-27874 · Plixer · Plixer Scrutinizer

Name of the Vulnerable Software and Affected Versions: Plixer Scrutinizer versions prior to 19.3.1 Description: An issue was discovered in the /fcgi/scrut fcgi.fcgi endpoint. The csvExportReport endpoint action generateCSV does not require authentication, allowing an unauthenticated user to expor...

Oracle GraalVM Enterprise Edition Unauthorized Access Vulnerability (CNVD-2020-26995)

Oracle GraalVM is the United States Oracle Oracle company's set of instant compiler written in the Java language. A security vulnerability exists in Oracle GraalVM in the Tools component of Oracle GraalVM Enterprise Edition versions 19.3.1 and 20.0.0. An attacker could exploit the vulnerability t...