CVE-2023-24188 — CVSS 9.1 (critical): ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to…
CVE-2023-24187 — CVSS 7.8 (high): An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to…
CVE-2023-48848 — CVSS 7.5 (high): An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a…
CVE-2020-21122 — CVSS 5.3 (medium): UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.