Vulnerabilities > ENG > Knowage > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-14 | CVE-2023-37472 | SQL Injection vulnerability in ENG Knowage Knowage is an open source suite for business analytics. | 6.5 |
| 2023-07-03 | CVE-2023-36819 | Path Traversal vulnerability in ENG Knowage Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. | 6.5 |
| 2023-06-23 | CVE-2023-35154 | Improper Authentication vulnerability in ENG Knowage Knowage is an open source analytics and business intelligence suite. | 6.5 |
| 2022-10-13 | CVE-2022-39295 | Cross-site Scripting vulnerability in ENG Knowage Knowage is an open source suite for modern business analytics alternative over big data systems. | 6.1 |
| 2021-05-12 | CVE-2021-30213 | Cross-site Scripting vulnerability in ENG Knowage 7.3.0 Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). | 4.3 |
| 2021-04-05 | CVE-2021-30058 | Cross-site Scripting vulnerability in ENG Knowage Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). | 4.3 |
| 2021-04-05 | CVE-2021-30055 | SQL Injection vulnerability in ENG Knowage A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'par_year' parameter when running a report. | 6.5 |
| 2019-09-05 | CVE-2019-13188 | Improper Authentication vulnerability in ENG Knowage In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application. | 5.0 |
| 2019-09-05 | CVE-2019-13190 | Improper Authentication vulnerability in ENG Knowage 6.1.0/6.1.1 In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token. | 5.0 |
| 2019-08-28 | CVE-2019-13348 | Insufficiently Protected Credentials vulnerability in ENG Knowage In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases. | 4.0 |