24 matches found
EUVD-2020-12928
Malware in sbrugna...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
BIT-JASPERREPORTS-2021-35496
The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AW...
CVE-2021-35496
The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AW...
Design/Logic Flaw
The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AW...
CVE-2021-35496 TIBCO JasperReports XML Eternal Entity (XXE) vulnerability
The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AW...
CVE-2021-35496
The CVE-2021-35496 entry concerns the XMLA Connections component in TIBCO JasperReports Server (and variants) with a low-privilege, network-accessible attacker able to interfere with XML processing. Affected products/releases include JasperReports Server 7.2.1 and below, 7.5.0/7.5.1, 7.8.0, 7.9.0...
TIBCO Software JasperReports Server 代码问题漏洞
Tibco Software TIBCO Software JasperReports Server is an embeddable reporting server from TIBCO Software USA that provides reporting and analytics functionality that can be embedded into web or mobile devices. A code issue vulnerability exists in TIBCO Software JasperReports Server, which arises...
PT-2021-20936 · Tibco Software · Tibco Jasperreports Server For Aws Marketplace +5
Name of the Vulnerable Software and Affected Versions: TIBCO JasperReports Server versions 7.2.1 and below TIBCO JasperReports Server versions 7.5.0 and 7.5.1 TIBCO JasperReports Server version 7.8.0 TIBCO JasperReports Server version 7.9.0 TIBCO JasperReports Server - Community Edition versions...
Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS
Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20141 Cross...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
Cross site scripting
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20141
CVE-2020-20141 is a Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component under the Connect menu of Flexmonster Pivot Table & Charts 2.7.17. The Reflected XSS stems from insufficient input sanitization of the 'path' parameter when fetching file specifications (file_specs.php). ...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting
Exploit Title: CVE-2020-20140 : Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17 Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: n/a Software Link: n/a Version:Flexmonster Pivot Table & Charts 2.7.17...
Flexmonster Pivot Table & Charts Cross-Site Scripting Vulnerability
Flexmonster Pivot Table & Charts is a Javascript-based codebase for viewing, analyzing, and managing multidimensional data online from Flexmonster. A cross-site scripting vulnerability exists in the Connect menu in Flexmonster Pivot Table & Charts 2.7.17, which originates in the OLAP XMLA compone...
Microsoft SQL Server Management Studio XXE Injection Information Disclosure (CVE-2018-8527; CVE-2018-8532; CVE-2018-8533)
Multiple information disclosure vulnerabilities exist in Microsoft SQL Server Management Studio. The vulnerabilities are due to a flaw when parsing a malicious XEL/XML/XMLA file containing a reference to an external entity. A remote authenticated attacker could exploit these vulnerabilities by...
CVE-2018-8532
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, S...
CVE-2018-8532
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, S...
Information disclosure
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, S...