Seyed Sadegh Khatami - Security Researcher - Exploit Intelligence Platform

CVE-2019-14298 EXPLOITDB MEDIUM text WORKING POC

Veeam ONE Reporter <9.5.0.3201 - XSS

Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx.

CVSS 5.4

View Code

CVE-2019-14297 EXPLOITDB MEDIUM text WORKING POC

Veeam ONE Reporter <9.5.0.3201 - XSS

Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx.

CVSS 5.4

View Code

CVE-2019-11569 EXPLOITDB HIGH text WORKING POC

Veeam ONE Reporter <9.5.0.3201 - CSRF

Veeam ONE Reporter 9.5.0.3201 allows CSRF.

CVSS 8.8

View Code