Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eng spagobi vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-6233
Cross-site scripting (XSS) vulnerability in SpagoBI prior to 4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field in the "Short document metadata."
Eng Spagobi
1 EDB exploit
9
CVSSv2
CVE-2013-6231
SpagoBI prior to 4.1 has Privilege Escalation via an error in the AdapterHTTP script
Eng Spagobi
1 EDB exploit
3.5
CVSSv2
CVE-2013-6232
Cross-site scripting (XSS) vulnerability in SpagoBI prior to 4.1 allows remote authenticated users to inject arbitrary web script or HTML via a document note in the execution page.
Eng Spagobi
1 EDB exploit
6
CVSSv2
CVE-2013-6234
Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI prior to 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, a...
Eng Spagobi
1 EDB exploit
6.8
CVSSv2
CVE-2014-7296
The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set FEATURE_SECURE_PROCESSING, which allows remote authenticated users to execute arbitrary Java code via a crafted XSL document.
Eng Spagobi 5.0
4.3
CVSSv2
CVE-2018-12355
Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or description field to the "Olap Schemas' Catalogue" catalogue.
Eng Knowage 6.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started