CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2003-1239

Malware in sbrugna...

7.5CVSS6.4AI score0.01373EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-1035

Malware in sbrugna...

5.4CVSS5.5AI score0.003EPSS

Exploits0References4

OSV•added 2019/02/15 6:29 p.m.•0 views

CVE-2019-0262

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.8AI score

Exploits0References3

NVD•added 2019/02/15 6:29 p.m.•11 views

CVE-2019-0262

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.3AI score0.003EPSS

Exploits0References3

Prion•added 2019/02/15 6:29 p.m.•9 views

Cross site scripting

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting XSS vulnerability...

3.5CVSS5.2AI score0.003EPSS

Exploits0References3Affected Software1

Cvelist•added 2019/02/15 6:0 p.m.•11 views

CVE-2019-0262

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting XSS vulnerability...

5.3AI score0.003EPSS

Exploits0References3

CVE•added 2019/02/15 6:0 p.m.•37 views

CVE-2019-0262

CVE-2019-0262 affects SAP WebIntelligence BILaunchPad (versions 4.10 and 4.20). The vulnerability is a Cross-Site Scripting (XSS) flaw caused by insufficient encoding of user-controlled inputs in generated HTML reports, enabling script execution in a victim’s browser. The available connected docu...

5.4CVSS5.3AI score0.003EPSS

Exploits0References3Affected Software1

securityvulns•added 2005/12/16 12:0 a.m.•27 views

Business Objects WebIntelligence DoS

It's possible to lock out administrator's account with unsuccessfull authentication attempts...

3AI score

Exploits0References1Affected Software1

Cvelist•added 2005/12/15 11:0 p.m.•14 views

CVE-2005-4274

Unspecified vulnerability in Business Objects WebIntelligence 6.5x allows remote attackers to cause a denial of service user account lock out via unknown attack vectors related to "authentication mechanisms" and "form input."...

6.5AI score0.00779EPSS

Exploits0References2

CVE•added 2005/12/15 11:0 p.m.•35 views

CVE-2005-4274

CVE-2005-4274 affects Business Objects WebIntelligence 6.5x. The vulnerability permits remote attackers to cause a denial of service (user account lockout) via unknown attack vectors related to authentication mechanisms and form input. The available sources describe the issue but do not provide c...

5CVSS6.9AI score0.00779EPSS

Exploits0References2Affected Software1

NVD•added 2005/12/15 10:3 p.m.•14 views

CVE-2005-4274

5CVSS6.5AI score0.00779EPSS

Exploits0References2

CVE•added 2005/11/16 7:37 a.m.•33 views

CVE-2003-1249

CVE-2003-1249 affects WebIntelligence 2.7.1, where guessable user session cookies enable remote attackers to hijack sessions . The description specifies the vulnerability type as session hijacking due to predictable cookies; no additional technical details (e.g., exact cookie mechanism, versions ...

7.5CVSS7.1AI score0.01373EPSS

Exploits0References6Affected Software1

Cvelist•added 2005/11/16 7:37 a.m.•10 views

CVE-2003-1249

WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack sessions...

6.7AI score0.01373EPSS

Exploits0References6

CVE•added 2005/04/14 4:0 a.m.•45 views

CVE-2004-0533

CVE-2004-0533 describes a vulnerability in Business Objects WebIntelligence 2.7.0–2.7.4 where client-side access controls allow an authenticated user to bypass restrictions and delete arbitrary server documents via a crafted InfoView delete request. The root cause is the lack of server-side enfor...

2.1CVSS6.4AI score0.00205EPSS

Exploits0References5Affected Software2

CVE•added 2005/04/14 4:0 a.m.•35 views

CVE-2004-0534

CVE-2004-0534 is a documented XSS in Business Objects InfoView 5.1.4–5.1.8 / WebIntelligence 2.7.0–2.7.4. The root cause is incomplete server‑side validation for the document name during upload, allowing arbitrary script/HTML via the filename. Impact: remote attacker can inject script, potentiall...

4.3CVSS5.7AI score0.00547EPSS

Exploits0References5Affected Software2

Cvelist•added 2005/04/14 4:0 a.m.•13 views

CVE-2004-0533

Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client...

6.3AI score0.00205EPSS

Exploits0References5

Cvelist•added 2005/04/14 4:0 a.m.•16 views

CVE-2004-0534

Cross-site scripting XSS vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document...

5.7AI score0.00547EPSS

Exploits0References5

NVD•added 2004/12/31 5:0 a.m.•7 views

CVE-2004-0533

2.1CVSS6.3AI score0.00205EPSS

Exploits0References5

securityvulns•added 2004/09/17 12:0 a.m.•24 views

[Full-Disclosure] Corsaire Security Advisory - Business Objects WebIntelligence XSS issue

-- Corsaire Security Advisory -- Title: Business Objects WebIntelligence XSS issue Date: 27.05.04 Application: WebIntelligence 2.7, Business Objects 5.1 Environment: Various Author: Stephen de Vries [email protected] Audience: General distribution Reference: c040527-002 -- Scope -- The aim of...

4.3CVSS0.3AI score0.00547EPSS

Exploits0

securityvulns•added 2004/09/17 12:0 a.m.•30 views

[Full-Disclosure] Corsaire Security Advisory - Business Objects WebIntelligence arbitrary document deletion issue

-- Corsaire Security Advisory -- Title: Business Objects WebIntelligence arbitrary document deletion issue Date: 27.05.04 Application: WebIntelligence 2.7, Business Objects 5.1 Environment: Various Author: Stephen de Vries [email protected] Audience: General distribution Reference: c040527-001...

2.1CVSS0.6AI score0.00205EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by