Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

report viewer vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3
CVE-2023-34796
Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allows unauthenticated malicious users to execute arbitrary code via the org_name or domain values.
Techsneeze Dmarc Report 1.1
9.8
CVSSv3
CVE-2023-25261
Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Desktop) 2023.1.4 and Stimulsoft Designer (Web) 2023.1.3 and Stimulsoft Viewer (Web) 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an at...
Stimulsoft Viewer 2023.1.3Stimulsoft Viewer 2023.1.4Stimulsoft Designer 2023.1.3Stimulsoft Designer 2023.1.4Stimulsoft Designer 2023.1
8.8
CVSSv3
CVE-2019-17323
ClipSoft REXPERT 1.0.0.527 and previous versions version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web p...
Clipsoft Rexpert
6.1
CVSSv3
CVE-2019-11776
In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context.
Eclipse Business Intelligence And Reporting Tools
7.8
CVSSv3
CVE-2018-18695
M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via a crafted MRD file.
M2soft Report Designer 5.0
6.1
CVSSv3
CVE-2017-9140
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote malicious users to inject arbitrary web script or HTML via the bgColor parameter to Telerik...
Progress Telerik ReportingProgress Sitefinity Cms
NA
CVE-2015-2165
Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote malicious users to inject arbitrary web script or HTML via the (1) portal, (2) fromDate, (3) toDate, (4) fromTime, (5)...
Ericsson Drutt Mobile Service Delivery Platform 4.0Ericsson Drutt Mobile Service Delivery Platform 5.0Ericsson Drutt Mobile Service Delivery Platform 6.0
NA
CVE-2013-3004
Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x prior to 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors.
Ibm Tivoli Application Dependency Discovery Manager 7.2.0Ibm Tivoli Application Dependency Discovery Manager 7.2.0.7Ibm Tivoli Application Dependency Discovery Manager 7.2.0.8Ibm Tivoli Application Dependency Discovery Manager 7.1.2.3Ibm Tivoli Application Dependency Discovery Manager 7.1.2.4Ibm Tivoli Application Dependency Discovery Manager 7.2.1.1Ibm Tivoli Application Dependency Discovery Manager 7.2.0.3Ibm Tivoli Application Dependency Discovery Manager 7.2.0.4Ibm Tivoli Application Dependency Discovery Manager 7.2.1Ibm Tivoli Application Dependency Discovery Manager 7.2.1.5Ibm Tivoli Application Dependency Discovery Manager 7.1.2.7Ibm Tivoli Application Dependency Discovery Manager 7.1.2.8Ibm Tivoli Application Dependency Discovery Manager 7.2.1.4Ibm Tivoli Application Dependency Discovery Manager 7.2.0.1Ibm Tivoli Application Dependency Discovery Manager 7.2.0.2Ibm Tivoli Application Dependency Discovery Manager 7.2.0.9Ibm Tivoli Application Dependency Discovery Manager 7.2.0.10Ibm Tivoli Application Dependency Discovery Manager 7.1.2.5Ibm Tivoli Application Dependency Discovery Manager 7.1.2.6Ibm Tivoli Application Dependency Discovery Manager 7.2.0.5Ibm Tivoli Application Dependency Discovery Manager 7.2.0.6Ibm Tivoli Application Dependency Discovery Manager 7.1.2
NA
CVE-2013-2974
The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x prior to 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection...
Ibm Tivoli Application Dependency Discovery Manager 7.2.1.1Ibm Tivoli Application Dependency Discovery Manager 7.2.1.2Ibm Tivoli Application Dependency Discovery Manager 7.2.1.3Ibm Tivoli Application Dependency Discovery Manager 7.2.1.4
NA
CVE-2011-3400
Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote malicious users to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability."
Microsoft Windows Server 2003Microsoft Windows XpMicrosoft Windows Xp -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook