christian catalano vulnerabilities and exploits

(subscribe to this query)

SpagoBI prior to 4.1 has Privilege Escalation via an error in the AdapterHTTP script

1 EDB exploit

Cross-site scripting (XSS) vulnerability in SpagoBI prior to 4.1 allows remote authenticated users to inject arbitrary web script or HTML via a document note in the execution page.

1 EDB exploit

Cross-site scripting (XSS) vulnerability in SpagoBI prior to 4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field in the "Short document metadata."

1 EDB exploit

Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI prior to 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, a...

1 EDB exploit

Multiple cross-site scripting (XSS) vulnerabilities in JAMon (Java Application Monitor) 2.7 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) listenertype or (2) currentlistener parameter to mondetail.jsp or ArraySQL parameter t...

Steve Souza Java Application Monitor Steve Souza Java Application Monitor 1.01 Steve Souza Java Application Monitor 1.0 Steve Souza Java Application Monitor 2.4 Steve Souza Java Application Monitor 2.3 Steve Souza Java Application Monitor 2.6 Steve Souza Java Application Monitor 2.5 Steve Souza Java Application Monitor 2.2 Steve Souza Java Application Monitor 2.1 Steve Souza Java Application Monitor 2.0

The Jenkins Plugin for SonarQube 3.7 and previous versions allows remote authenticated users to obtain sensitive information (cleartext passwords) by reading the value in the sonar.sonarPassword parameter from jenkins/configure.

Sonarsource Jenkins Plugin -

1 EDB exploit

Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the (1) login page (index.php) or (2) login form (loginform-inc.php).

Oliver Project Oliver

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook