The Exploit Podcast: CVEs and Security News
SecurityPod
9 episodes
1 week ago
Stay updated with the most critical vulnerabilities of the week. In each episode, we analyze major CVEs, what caused them, their impact and mitigation strategies - helping security professionals and enthusiasts stay ahead of threats.
Tech News
News
All content for The Exploit Podcast: CVEs and Security News is the property of SecurityPod and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
JWT Validation Failure In JupyterHub, Arbitrary File Upload and SQL Injection in Mattermost, Path Traversal File Deletion in Mautic, Deserialization Of Untrusted Data in MetaSlider and more
The Exploit Podcast: CVEs and Security News
18 minutes 42 seconds
8 months ago

Week ending 27th Feb, 2025.

Key vulnerabilities to be discussed include:

  • JWT Validation Failure in JupyterHub
  • Arbitrary File Upload and SQL Injection in Mattermost, where versions of Mattermost fail to properly validate board blocks when importing boards and do not use prepared statements in SQL queries
  • Path Traversal File Deletion in Mautic, where improper handling of path components allows authenticated users to manipulate file deletion processes
  • Deserialization of Untrusted Data in MetaSlider, potentially leading to object injection

The podcast will also cover unrestricted file uploads, authentication bypasses, and SQL injection flaws in systems like GreaterWMS, Everest Forms, XOne Web Monitor and Tenda routers.
