Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

Faculty Evaluation System 1.0 Cross Site Request Forgery

Faculty Evaluation System version 1.0 suffers from a cross site request forgery vulnerability.

Packet Storm
#csrf#vulnerability#windows#google#php#auth#firefox
Free Hospital Management System For Small Practices 1.0 CSRF

Free Hospital Management System for Small Practices version 1.0 suffers from a cross site request forgery vulnerability.

Limesurvey Unauthenticated File Download

This Metasploit module exploits an unauthenticated file download vulnerability in limesurvey between 2.0+ and 2.06+ Build 151014. The file is downloaded as a ZIP and unzipped automatically, thus binary files can be downloaded.

GHSA-mcmc-c59m-pqq8: GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection

### Summary GeoNode is vulnerable to an XML External Entity (XXE) injection in the style upload functionality of GeoServer leading to Arbitrary File Read. ### Details GeoNode's GeoServer has the ability to upload new styles for datasets through the [`dataset_style_upload` view](https://github.com/GeoNode/geonode/blob/99b0557da5c7db23c72ad39e466b88fe43edf82d/geonode/geoserver/urls.py#L70-L72). ```py # https://github.dev/GeoNode/geonode/blob/99b0557da5c7db23c72ad39e466b88fe43edf82d/geonode/geoserver/views.py#L158-L159 @login_required def dataset_style_upload(request, layername): def respond(*args, **kw): kw['content_type'] = 'text/html' return json_response(*args, **kw) ... sld = request.FILES['sld'].read() # 1 sld_name = None try: # Check SLD is valid ... sld_name = extract_name_from_sld(gs_catalog, sld, sld_file=request.FILES['sld']) # 2 except Exception as e: respond(errors=f"The uploaded SLD file is not valid X...

Water Billing Management System 1.0 Cross Site Request Forgery / File Upload

Water Billing Management System version 1.0 suffers from a cross site request forgery that enables an arbitrary file upload.

pgAdmin 8.4 Remote Code Execution

pgAdmin versions 8.4 and below are affected by a remote code execution vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the underlying data.