20 matches found
EUVD-2008-3767
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-32637
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload...
CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
DEBIAN-CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
UBUNTU-CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
Code injection
UNSUPPPORTED WHEN ASSIGNED GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
CVE-2023-32637
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...
CVE-2023-32637
GBrowse (the Generic Model Organism Database project) is affected by CVE-2023-32637 due to unrestricted file uploads: the product accepts files of any format and stores them in a web‑accessible area, enabling arbitrary code execution on the server by anyone who can upload. The connected documents...
GBrowse vulnerable to unrestricted upload of files with dangerous types
Overview GBrowse provided by Generic Model Organism Database Project is a web-based genome browser. GBrowse allows the users to upload their own data in several file formats see "GBrowse User Uploads". The affected versions of GBrowse accept files with any formats uploaded CWE-434, and place them...
PT-2023-4092 · Gbrowse · Gbrowse
Name of the Vulnerable Software and Affected Versions: GBrowse affected versions not specified Description: The issue allows for the upload of files with any format, which are then placed in an area accessible through unauthenticated web requests. This enables anyone who can upload files through...
JVN#35897618: GBrowse vulnerable to unrestricted upload of files with dangerous types
GBrowse provided by Generic Model Organism Database Project is a web-based genome browser. GBrowse allows the users to upload their own data in several file formats see "GBrowse User Uploads". The affected versions of GBrowse accept files with any formats uploaded CWE-434, and place them in the...
Cross site scripting
Cross-site scripting XSS vulnerability in GMOD GBrowse before 1.69 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-3781
Cross-site scripting XSS vulnerability in GMOD GBrowse before 1.69 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-3781
The CVE-2008-3781 entry concerns GMOD GBrowse prior to version 1.69, which is affected by a cross-site scripting (XSS) vulnerability that could allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connected documents confirm the product and version range but ...
CVE-2008-3781
Cross-site scripting XSS vulnerability in GMOD GBrowse before 1.69 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...