CVE-2024-50857
The ipdojob request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within the application to exploit successfully...
CVE-2024-48760
An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.cgi file, enabling remote command execution...
CVE-2024-50858
Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modification, deletion, or exfiltration...
CVE-2024-50857
GestioIP v3.5.7 is affected by a reflected XSS in the ip_do_job request, caused by unsanitized input. Exploitation requires specific user permissions and can lead to data exfiltration and CSRF. Practical details and patches are referenced in multiple sources (Nuclei template, CVE writeups, and ad...
Important: Red Hat Security Advisory: Red Hat Quay v3.5.7 bug fix and security update
Red Hat Quay 3.5.7 is now available with security update, bug fixes and various enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...