> Vulnerability Disclosure

About
CVEs
How To
Imprint
Licenses

Posts

2024

Stored Cross Site Scripting in Stimulsoft.Dashboards.JS - CVE-2024-24397 Feb 5
Arbitrary file write in Stimulsoft.Dashboards.PHP - CVE-2024-24398 Feb 5
Reflected Cross Site Scripting in Stimulsoft.Dashboards.JS - CVE-2024-24396 Feb 5

2023

Arbitrary File Write - CVE-2023-35801 Jul 24
Autorisation bypass - CVE-2023-31435 May 2
Stored and reflected XSS - CVE-2023-31434 May 2
SQL-Injection in Evasys Logbuch - CVE-2023-31433 May 2
Usage of static secrets in Stimulsoft Designer - CVE-2023-25263 Mar 2
SSRF in Stimulsoft Designer - CVE-2023-25262 Mar 2
RCE in Stimulsoft Designer and Viewer - CVE-2023-25261 Mar 2
LFI in Stimulsoft Designer - CVE-2023-25260 Mar 2

2022

Disclosure of password hashes in Craft CMS - CVE-2022-37783 Dec 6