EUVD-2024-52673

Malicious code in bioql PyPI...

CVE-2024-54795

SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting XSS vulnerabilities in the create/edit forms of the worksheet designer function...

SpagoBI 3.5.1 Cross Site Scripting

SpagoBI versions 3.5.1 and below suffer from persistent cross site scripting vulnerabilities. CVE-2024-54795 Severity : Medium 5.4 CVSS score : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by multiple stored XSS inside...

SpagoBI 3.5.1 Cross Site Scripting Vulnerability

CVE-2024-54795 Severity : Medium 5.4 CVSS score : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Summary : Engineering Ingegneria Informatica SpagoBI version 3.5.1 is affected by multiple stored XSS inside of the worksheet designer page. Poc Steps to Reproduce : 1. While editing a document insertin...

CVE-2024-54795

SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting XSS vulnerabilities in the create/edit forms of the worksheet designer function...

CVE-2024-54795

SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting XSS vulnerabilities in the create/edit forms of the worksheet designer function...

CVE-2024-54795

CVE-2024-54795 affects the open‑source BI suite SpagoBI v3.5.1 and earlier . Multiple stored XSS vulnerabilities exist in the worksheet designer’s create/edit forms. Exploitation requires user interaction and sufficient permissions to access the worksheet designer, enabling an attacker to inject ...

CVE-2024-54795

SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting XSS vulnerabilities in the create/edit forms of the worksheet designer function...

PT-2025-3073 · Spagobi · Spagobi

Name of the Vulnerable Software and Affected Versions: SpagoBI version 3.5.1 Description: The issue concerns multiple Stored Cross-Site Scripting XSS vulnerabilities found in the create/edit forms of the worksheet designer function. This allows for the potential execution of malicious scripts,...

Engineering SpagoBI 跨站脚本漏洞

Engineering SpagoBI is an open source Business Intelligence suite based on the J2EE framework from the Italian company Engineering. The suite is mainly used to manage BI objects such as reports, scorecards, and data mining models, which can be controlled, validated, verified and distributed throu...

CVE-2024-54795

SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting XSS vulnerabilities in the create/edit forms of the worksheet designer function...

Unrestricted file upload

Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload...

SpagoBI 4.0 - Arbitrary XSS File Upload

Exploit for php platform in category web applications Introduction SpagoBI1 is an Open Source Business Intelligence suite, belonging to the free/open source SpagoWorld initiative, founded and supported by Engineering Group2. It offers a large range of analytical functions, a highly functional...

SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload

Advisory Information Title: XSS File Upload Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6234 CVSS v2 Base Score: 4 CVSS v2 Vector:...