Vendor
Reportico Web
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-31556 | Hig | 0.44 | 7.8 | 0.00 | May 14, 2024 | An issue in Reportico Web before v.8.1.0 allows a local attacker to execute arbitrary code and obtain sensitive information via the sessionid function. | ||
| CVE-2023-47438 | Med | 0.42 | 6.5 | 0.00 | Mar 27, 2024 | SQL Injection vulnerability in Reportico Till 8.1.0 allows attackers to obtain sensitive information or other system information via the project parameter. | ||
| CVE-2023-46925 | 0.00 | — | 0.00 | Nov 2, 2023 | Reportico 7.1.21 is vulnerable to Cross Site Scripting (XSS). | |||
| CVE-2014-3777 | 0.00 | — | 0.04 | Jul 16, 2014 | Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlin parameter. |
- risk 0.44cvss 7.8epss 0.00
An issue in Reportico Web before v.8.1.0 allows a local attacker to execute arbitrary code and obtain sensitive information via the sessionid function.
- risk 0.42cvss 6.5epss 0.00
SQL Injection vulnerability in Reportico Till 8.1.0 allows attackers to obtain sensitive information or other system information via the project parameter.
- CVE-2023-46925Nov 2, 2023risk 0.00cvss —epss 0.00
Reportico 7.1.21 is vulnerable to Cross Site Scripting (XSS).
- CVE-2014-3777Jul 16, 2014risk 0.00cvss —epss 0.04
Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlin parameter.