Jeremia Geraldi

icon indicating a website link https://edmpl.io/

Results 4 issues of Jeremia Geraldi

A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1

4 comment

A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1 that allows a low-privilege user to create malicious property content with HTML inside it, which acts as a stored XSS...

OS Command Injection through Command Substitution

Sorry for reporting it here. However, I found that the application has improper neutralization of special characters that possibly make it possible to execute OS commands using the gorilla-cli argument/prompt....

Vulnerability Report: Remote Code Execution in the Dot Desktop Application

Hi, sorry for reporting it here. I want to report a security vulnerability that I've found in the application. Tested on: MacOS Affected Version: 0.9.3 **Description** A critical vulnerability has...

Insecure Deserialization Vulnerability in DataManager

Hi, I've discovered a critical vulnerability in the MapDataManager class where pickle.load is used to deserialize cached data from a file. The use of pickle is inherently unsafe as it...