Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects xi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4813
Unspecified vulnerability in Report Application Server (Crystalras.exe) prior to 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote malicious users to cause a denial of service (application hang...
Businessobjects Crystal Enterprise Xi
Businessobjects Crystal Reports Server Xi
Businessobjects Crystal Reports Xi
Businessobjects Report Application Server 11.0.0.0
NA
CVE-2014-8309
SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames via SecEnterprise authent...
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R2
Sap Businessobjects 4.0
NA
CVE-2015-7730
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote malicious users to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
Sap Businessobjects 4.1
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R3
Sap Businessobjects Edge 4.0
NA
CVE-2008-0379
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer...
Businessobjects Crystal Reports Xi R2
1 EDB exploit
NA
CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote malicious users to execute arbitr...
Microsoft Visual Studio .net 2005
Businessobjects Crystal Reports Xi
Microsoft Visual Studio .net 2002
Microsoft Visual Studio .net 2003
1 EDB exploit
NA
CVE-2008-1894
Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/logon/logon.object in BusinessObjects InfoView XI R2 SP1, SP2, and SP3 Java version before FixPack 3.5 allows remote malicious users to inject arbitrary web script or HTML via the cms parameter.
Businessobjects Infoview
Businessobjects Infoview Xi R2
NA
CVE-2010-3983
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
Sap Businessobjects 3.2
NA
CVE-2010-3981
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.
Sap Businessobjects 3.2
NA
CVE-2010-3979
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote malicious users to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI.
Sap Businessobjects 3.2
NA
CVE-2010-3982
SAP BusinessObjects Enterprise XI 3.2 allows remote malicious users to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an &...
Sap Businessobjects 3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »