
CVSS: 5.0 | EPSS: 1% | CPEs: 4 | EXPL: 0

The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder.
• http://marc.info/?l=bugtraq&m=108360413811017&w=2
• http://marc.info/?l=bugtraq&m=108671836127360&w=2
• https://exchange.xforce.ibmcloud.com/vulnerabilities/16046

CVSS: 7.5 | EPSS: 3% | CPEs: 1 | EXPL: 0

WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack sessions.
• http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0014.html
• http://secunia.com/advisories/7846
• http://www.iss.net/security_center/static/11026.php
• http://www.securityfocus.com/archive/1/305991
• http://www.securityfocus.com/bid/6569
• http://www.securitytracker.com/id?1005906

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

Crystal Reports, when displaying data for a password-protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.
• http://www.kb.cert.org/vuls/id/403307
• https://exchange.xforce.ibmcloud.com/vulnerabilities/7928