PT-2026-21311 · Unknown · Spotauditor

Sanjana Shetty

Publicado

2026-02-20

Atualizado

2026-03-05

CVE-2019-25434

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions SpotAuditor version 5.3.1.0

Description The application is susceptible to a denial of service condition. Unauthenticated attackers can cause the application to crash by providing an excessive amount of data—5000 bytes or more—in the registration name field. Specifically, entering a large string of characters in the registration name field triggers an unhandled exception, leading to application failure. The affected API endpoint is the registration form.

Recommendations Limit the maximum length of the registration name field to prevent excessively large inputs.

Exploit

Correção

DoS

Stack Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121

Identificadores relacionados

CVE-2019-25434

Produtos afetados

Spotauditor

PT-2026-21311 · Unknown · Spotauditor

CVE-2019-25434

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7