CVE-2024-31556

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-31556
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31556.json
Aliases
Published
2024-05-14T21:15:12Z
Modified
2024-05-19T02:24:45.497524Z
Summary
[none]
Details

An issue in Reportico Web before v.8.1.0 allows a local attacker to execute arbitrary code and obtain sensitive information via the sessionid function.

References

Affected packages

Git / github.com/reportico-web/reportico

Affected ranges

Type
GIT
Repo
https://github.com/reportico-web/reportico
Events
Introduced
0The exact introduced commit is unknown
Fixed

Affected versions

4.*

4.6

6.*

6.0.0
6.0.1
6.0.10
6.0.11
6.0.12
6.0.13
6.0.14
6.0.15
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
6.0.9

7.*

7.0.1-alpha
7.0.10-alpha
7.0.2-alpha
7.0.3-alpha
7.0.4-alpha
7.0.5-alpha
7.0.6-alpha
7.0.7-alpha
7.0.8-alpha
7.0.9-alpha
7.1.0-alpha
7.1.1-alpha
7.1.10-alpha
7.1.11-alpha
7.1.12-alpha
7.1.13-alpha
7.1.14-alpha
7.1.15-alpha
7.1.16-alpha
7.1.17-alpha
7.1.18-alpha
7.1.19-beta
7.1.2-alpha
7.1.20-beta
7.1.21-beta
7.1.22-beta
7.1.23-beta
7.1.24-beta
7.1.25-beta
7.1.26-beta
7.1.27-beta
7.1.28-beta
7.1.29-beta
7.1.3-alpha
7.1.30-beta
7.1.31-beta
7.1.32-beta
7.1.33-beta
7.1.34-beta
7.1.35-beta
7.1.36-beta
7.1.37-beta
7.1.38-beta
7.1.39-beta
7.1.4-alpha
7.1.40-beta
7.1.41-beta
7.1.42-beta
7.1.5-alpha
7.1.6-alpha
7.1.7-alpha
7.1.8-alpha
7.1.9-alpha

8.*

8.0.1
8.0.2
8.0.3

Other

newarc

v3.*

v3.2

v4.*

v4.0-Beta