Mapbender 2.4.4 - mapFiler.php Remote Code Execution

Mapbender 2.4.4 - mapFiler.php Remote Code Execution Advisory: Remote Command Execution in Mapbender During a penetration test RedTeam Pentesting discovered a remote command execution vulnerability in Mapbender. An unauthorized user can create arbitrary PHP-files on the Mapbender webserver, which...

Mapbender 2.4.4 - gaz SQL Injection

Mapbender 2.4.4 - gaz SQL Injection Advisory: SQL-Injections in Mapbender During a penetration test RedTeam Pentesting discovered multiple SQL-Injections in Mapbender. A remote attacker is able to execute arbitrary SQL commands and therefore can get e.g. valid usernames and password hashes of the...

Mapbender 2.4.4 - 'mapFiler.php' Remote Code Execution

Advisory: Remote Command Execution in Mapbender During a penetration test RedTeam Pentesting discovered a remote command execution vulnerability in Mapbender. An unauthorized user can create arbitrary PHP-files on the Mapbender webserver, which can later be executed. Details ======= Product:...

[Full-disclosure] Advisory: Remote Command Execution in Mapbender

Advisory: Remote Command Execution in Mapbender During a penetration test RedTeam Pentesting discovered a remote command execution vulnerability in Mapbender. An unauthorized user can create arbitrary PHP-files on the Mapbender webserver, which can later be executed. Details ======= Product:...