GeoServer < 2.23.5 Path Traversal
According to its banner, the version of GeoServer running on the remote host is prior to 2.23.5, or is 2.24.0 or later but prior to 2.24.3. It is, therefore, affected by a path traversal vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...
PT-2024-16692 · Unknown · Digikent Gis
Name of the Vulnerable Software and Affected Versions: DIGIKENT GIS versions through 2.23.5 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...
CVE-2024-23634 GeoServer arbitrary file renaming vulnerability in REST Coverage/Data Store API
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores through the REST...