cbcvebase.

Openbi Project Openbi vulnerabilities

4 known vulnerabilities affecting openbi_project/openbi.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH1

Vulnerabilities

Page 1 of 1
CVE-2024-1035P2CRITICALCVSS 9.8≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1035 [CRITICAL] CWE-434 CVE-2024-1035: A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function uploadIcon of the file /application/index/controller/Icon.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-1034P3CRITICALCVSS 9.8≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1034 [CRITICAL] CWE-434 CVE-2024-1034: A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadFile of the file /application/index/controller/File.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-25
nvd
CVE-2024-1032P3CRITICALCVSS 9.8≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1032 [CRITICAL] CWE-502 CVE-2024-1032: A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerabili A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to
nvd
CVE-2024-1033P3HIGHCVSS 7.5≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1033 [HIGH] CWE-200 CVE-2024-1033: A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected by this issue is the function agent of the file /application/index/controller/Datament.php. The manipulation of the argument api leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be
nvd
Openbi Project Openbi vulnerabilities | cvebase