Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ureport project ureport 2.2.9 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-48848
An arbitrary file read vulnerability in ureport v2.2.9 allows a remote malicious user to arbitrarily read files on the server by inserting a crafted path.
Ureport Project Ureport 2.2.9
7.8
CVSSv3
CVE-2023-24187
An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows malicious users to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile.
Ureport Project Ureport 2.2.9
9.1
CVSSv3
CVE-2023-24188
ureport v2.2.9 exists to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to be deleted.
Ureport Project Ureport 2.2.9
5.3
CVSSv3
CVE-2020-21122
UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows malicious users to detect intranet device ports.
Ureport Project Ureport 2.2.9
9.8
CVSSv3
CVE-2020-21124
UReport 2.2.9 allows malicious users to execute arbitrary code due to a lack of access control to the designer page.
Ureport Project Ureport 2.2.9
9.8
CVSSv3
CVE-2020-21125
An arbitrary file creation vulnerability in UReport 2.2.9 allows malicious users to execute arbitrary code.
Ureport Project Ureport 2.2.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started