ureport2
by Ureport2
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50090 | Cri | 0.64 | 9.8 | 0.01 | Jan 3, 2024 | Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request. | ||
| CVE-2020-21124 | Cri | 0.64 | 9.8 | 0.02 | Sep 15, 2021 | UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page. |
- risk 0.64cvss 9.8epss 0.01
Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request.
- risk 0.64cvss 9.8epss 0.02
UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page.