Openbi Project Openbi vulnerabilities
4 known vulnerabilities affecting openbi_project/openbi.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH1
Vulnerabilities
Page 1 of 1
CVE-2024-1035P2CRITICALCVSS 9.8≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1035 [CRITICAL] CWE-434 CVE-2024-1035: A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability
A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function uploadIcon of the file /application/index/controller/Icon.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-1034P3CRITICALCVSS 9.8≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1034 [CRITICAL] CWE-434 CVE-2024-1034: A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the
A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadFile of the file /application/index/controller/File.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-25
nvd
CVE-2024-1032P3CRITICALCVSS 9.8≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1032 [CRITICAL] CWE-502 CVE-2024-1032: A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerabili
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to
nvd
CVE-2024-1033P3HIGHCVSS 7.5≤ 1.0.8v1.0.0+8 more2024-01-30
CVE-2024-1033 [HIGH] CWE-200 CVE-2024-1033: A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected
A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected by this issue is the function agent of the file /application/index/controller/Datament.php. The manipulation of the argument api leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be
nvd