The Exploit Podcast: CVEs and Security News

Django Unicorn Class Pollution, GeoTools XPath Manipulation, Eladmin CSV Injection, Zimbra SQL Injection, WooCommerce Taxi Booking Deserialization and more



Week 5 ending 6th Feb, 2025. In this episode, we dive deep into the latest security advisories, uncovering a surge of critical vulnerabilities affecting a wide range of software. From command injection flaws in EasyVirt DCScope and privilege escalation vulnerabilities due to weak encryption, to remote code execution exploits in Advantive VeraCore and ClassCMS, we break down the threats and their potential impact. We also discuss a concerning class pollution vulnerability in Django-Unicorn that can lead to XSS, DoS, and authentication bypass. Plus, we'll cover SQL injection flaws in Moss and Zimbra Collaboration, file upload vulnerabilities in ChestnutCMS, and memory corruption issues. Stay informed and learn how to protect your systems from these emerging threats!


By SecurityPod