Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Reporter Security Vulnerabilities

cve
cve

CVE-2005-1708

templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.

7AI Score

0.001EPSS

2005-05-24 04:00 AM
22
cve
cve

CVE-2005-1709

Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license.

7.1AI Score

0.038EPSS

2005-05-24 04:00 AM
19
cve
cve

CVE-2005-1710

Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page.

6AI Score

0.004EPSS

2005-05-24 04:00 AM
21
cve
cve

CVE-2006-4241

PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

7.9AI Score

0.056EPSS

2006-08-21 06:04 PM
20
cve
cve

CVE-2007-4349

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka T...

6.2AI Score

0.068EPSS

2008-10-23 10:00 PM
21
cve
cve

CVE-2011-5127

Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.

7.5AI Score

0.027EPSS

2022-10-03 04:15 PM
23
cve
cve

CVE-2017-15531

Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter.

9.8CVSS

9.7AI Score

0.004EPSS

2018-01-23 08:29 PM
26
cve
cve

CVE-2018-12237

The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges.

7.2CVSS

7.4AI Score

0.001EPSS

2019-01-24 09:29 PM
34
cve
cve

CVE-2019-12753

An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, and Cloud Log Download servers that they might not otherwise be authorized to access. The malicious ...

4.9CVSS

4.7AI Score

0.001EPSS

2019-08-30 09:15 AM
28