Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap crystal reports - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0018
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these rep...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
445
VMScore
CVE-2021-40500
SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated malicious user to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploita...
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.30
578
VMScore
CVE-2020-6219
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform deserialization attack in the application, leading to service interruptions and ...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Crystal Reports For Visual Studio 2010
1 Article
392
VMScore
CVE-2020-6208
SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the malicious user to control the behaviour of the application, leading ...
Sap Crystal Reports 4.1
Sap Crystal Reports 4.2
505
VMScore
CVE-2019-0285
The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.
Sap Crystal Reports 2010
1 EDB exploit
578
VMScore
CVE-2018-2427
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour of the ...
Sap Businessobjects Business Intelligence 4.10
Sap Businessobjects Business Intelligence 4.20
Sap Crystal Reports -
409
VMScore
CVE-2018-2406
Unquoted windows search path (directory/path traversal) vulnerability in Crystal Reports Server, OEM Edition (CRSE), 4.0, 4.10, 4.20, 4.30, startup path.
Sap Crystal Reports Server 4.0
Sap Crystal Reports Server 4.10
Sap Crystal Reports Server 4.20
Sap Crystal Reports Server 4.30
605
VMScore
CVE-2014-5506
Double free vulnerability in SAP Crystal Reports allows remote malicious users to execute arbitrary code via crafted connection string record in an RPT file.
Sap Crystal Reports -
605
VMScore
CVE-2014-5505
Stack-based buffer overflow in SAP Crystal Reports allows remote malicious users to execute arbitrary code via a crafted data source string in an RPT file.
Sap Crystal Reports -
383
VMScore
CVE-2011-4805
Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote malicious users to inject arbitrary web script or HTML via the service parameter.
Sap Crystal Reports Server 2008
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »