David Wischnjak

Name of the Vulnerable Software and Affected Versions VertiGIS FM version 10.5.00119 (0d29d428) Description A local file inclusion issue exists in the upload/download functionality of VertiGIS FM. Authenticated attackers can read arbitrary files from the server by manipulating a file's path during upload. Downloading the file then returns the attacker-controlled file. The ASP.NET architecture may allow for remote code execution if the `web.config` file is obtained. UNC path resolution may also enable NTLM-relaying attacks. Recommendations Update to a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions VertiGIS FM (affected versions not specified) Description A reflected cross-site scripting (XSS) vulnerability exists in the dashboard search functionality. Attackers can create a malicious URL that, when visited by an authenticated user, executes arbitrary JavaScript code within the user's session. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TYDAC AG MAP+ version 3.4.0 **Description** A reflected cross-site scripting (XSS) flaw exists in the PDF export functionality. This allows unauthenticated attackers to create a malicious URL. If a victim accesses this URL, arbitrary JavaScript code can be executed within the victim’s browsing session. The malicious URL could be delivered through methods like sending a link or tricking a victim into visiting a crafted page. **Recommendations** TYDAC AG MAP+ version 3.4.0 should be updated to a fixed version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.