Filtered by vendor Ureport2 Project
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50090 | 1 Ureport2 Project | 1 Ureport2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request. | |||||
| CVE-2022-25767 | 1 Ureport2 Project | 1 Ureport2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets. | |||||