CVE-2024-36401

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution RCE by unauthenticated users through specially crafted input against a default GeoServer...

CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions in Geoserver

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution RCE by unauthenticated users through specially crafted input against a default GeoServer...

Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XXE Exploit

Exploit for multiple platform in category web applications Exploit Title : GeoServer XXE Date : 11/08/2015 Exploit Author : David Bloom Script - Ping to Sven Claessens, Jacques Villemur and Eric Donners Vendor homepage : http://geoserver.org Software Link : http://geoserver.org/release/stable...

Geoserver 2.7.1.1 2.6.4 2.5.5.1 - XML External Entity

Geoserver 2.7.1.1 2.6.4 2.5.5.1 - XML External Entity Exploit Title : GeoServer XXE Date : 11/08/2015 Exploit Author : David Bloom Script - Ping to Sven Claessens, Jacques Villemur and Eric Donners Vendor homepage : http://geoserver.org Software Link : http://geoserver.org/release/stable Version ...