Hlhai

**Nome do software vulnerável e versões afetadas: MiniCMS versão 1.10 Descrição: A vulnerabilidade permite que invasores remotos executem código arbitrário injetando comandos por meio de uma solicitação HTTP maliciosa no endpoint da API “/mc-admin/post-edit.php”. Isso é resultado de uma falha de Cross Site Scripting (XSS). Recomendações: Para o MiniCMS versão 1.10, como solução temporária, considere restringir o acesso ao endpoint da API “/mc-admin/post-edit.php” até que um patch esteja disponível. Evite usar este endpoint com entradas não confiáveis até que o problema seja resolvido. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** TuziCMS version 2.0.6 **Description** The issue concerns a CSRF vulnerability in the `index.php/manage/link/do add` endpoint. This vulnerability may allow unauthorized actions to be performed. **Recommendations** For TuziCMS version 2.0.6, consider implementing proper CSRF protection mechanisms, such as token-based validation, to prevent unauthorized requests to the `index.php/manage/link/do add` endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TuziCMS version 2.0.6 **Description** The issue concerns an XSS vulnerability that can be triggered via the PATH INFO to a group URI. This is demonstrated by accessing index.php/article/group/id/2/, which allows for potential malicious script execution. **Recommendations** For TuziCMS version 2.0.6, update to a newer version that contains a fix for this issue, if available. As a temporary workaround, consider restricting access to the `index.php/article/group/id/` endpoint to minimize the risk of exploitation. Avoid using user-supplied input in the `id` parameter until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** TuziCMS version 2.0.6 **Description** The issue concerns a CSRF vulnerability in the `index.php/manage/notice/do add` endpoint. This allows for potential unauthorized actions. **Recommendations** For TuziCMS version 2.0.6, consider implementing proper CSRF protection mechanisms to prevent unauthorized requests to the `index.php/manage/notice/do add` endpoint. As a temporary workaround, restrict access to this endpoint until a patch is available.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue allows PHP code execution by creating a new .php file containing PHP code through the "admin/?/plugin/file manager" endpoint, and then visiting this file under the public/ URI. Recommendations: For Frog CMS version 0.9.5, consider restricting access to the file manager plugin to minimize the risk of exploitation. Avoid using the file manager plugin until a patch is available. As a temporary workaround, consider disabling the execution of PHP code in the public/ URI to prevent exploitation.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue is related to a XSS flaw. It can be exploited via the Body field in the admin/?/snippet/edit/1 endpoint. Recommendations: For Frog CMS version 0.9.5, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue allows for XSS by creating a new file containing a crafted attribute of an IMG element, specifically targeting the "admin/?/plugin/file manager" endpoint. Recommendations: For Frog CMS version 0.9.5, consider disabling the file manager plugin until a patch is available to prevent potential XSS exploitation.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue allows for a directory listing when a request is made to the `/public` endpoint. Recommendations: For Frog CMS version 0.9.5, consider restricting access to the `/public` directory to prevent unauthorized listing of files.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue allows PHP code execution. This can be achieved by sending <?php code to the "admin/?/layout/edit/1" URI, which is an API endpoint. Recommendations: For Frog CMS version 0.9.5, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the "admin/?/layout/edit/1" URI to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue allows PHP code execution. This can be achieved by visiting the "admin/?/page/edit/1" endpoint and inserting additional `<?php` lines. Recommendations: For Frog CMS version 0.9.5, consider restricting access to the "admin/?/page/edit/1" endpoint until a patch is available. As a temporary workaround, avoid using the endpoint for editing pages to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue is related to a security problem where an attacker can inject malicious code. The problem occurs via the "admin/?/layout/edit/1" endpoint, specifically in the Body field. Recommendations: For Frog CMS version 0.9.5, update to a version that fixes this issue, as using the current version poses a security risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue concerns a cross-site scripting (XSS) problem. It is located in the "admin/?/page/edit/1" body field. Recommendations: For Frog CMS version 0.9.5, update to a version that includes a fix for this issue, as using the current version may pose a security risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a related issue to CVE-2018-10296 and CVE-2018-16233.