4 matches found

Huntr
added 2025/02/28 5:24 a.m., 3 views

XML Entity Expansion vulnerability in Sitemap parser

Description: There is an XML entity expansion ("billion laughs") vulnerability in the sitemap parser. When a malicious sitemap XML is accessed, this results in a denial of service. Vulnerable class: import urllib.request import xml.etree.ElementTree as ET from typing import List from...

CVSS 7.5, AI score 7.1, EPSS 0.00345
Exploits: 1
Prion
added 2019/05/29 5:29 p.m., 16 views

Design/Logic Flaw

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image uploads in forms. When the Horde_Form_Type_image method onSubmit is called on uploads, it invokes the functions getImage and getUpload, which use...

CVSS 6.5, AI score 8.9, EPSS 0.79838
Exploits: 3, References: 5, Affected Software: 2
Veracode
added 2019/05/23 4:41 a.m., 29 views

Remote Code Execution Through Deserialisation

Hazelcast is susceptible to remote code execution through deserialization. An attacker can send a malicious JoinRequest to a listening Hazelcast instance; if the vulnerable class is on the classpath, the request is deserialized, resulting in remote code execution...

CVSS 8.1, AI score 8.4, EPSS 0.02816
Exploits: 1, References: 4, Affected Software: 2
CNVD
added 2019/01/10 12:00 a.m., 1 view

SQL Injection Vulnerability in SchoolCMS v2.3.1 Us***.class File

SchoolCMS is a school teaching management system based on PHP and MySQL. A SQL injection vulnerability exists in the SchoolCMS v2.3.1 Us.class file, which can be exploited by attackers to obtain sensitive information...

AI score 7.9
Exploits: 0