Kunlun

**Nome do Software Vulnerável e Versões Afetadas** svaarala duktape versões anteriores a 3.0.0 **Descrição** Um problema de corrupção de memória existe no processamento do arquivo `duk api bytecode.c`. O acesso local é necessário para manipular o argumento `count instr` para disparar esta condição. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** Shenzhen Libituo Technology LBT-T300-HW1 versões anteriores a 1.2.9 **Description** Um estouro de buffer (buffer overflow) pode ser acionado remotamente através da manipulação do argumento `Channel/ApCliSsid`. Este problema ocorre na função `start lan()` do endpoint '/apply.cgi'. **Recommendations** No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** Shenzhen Libituo Technology LBT-T300-HW1 versões anteriores a 1.2.8 **Descrição** Um estouro de buffer existe no componente de Interface de Gerenciamento Web. Um invasor remoto pode disparar este problema ao manipular os argumentos `vpn pptp server` ou `vpn l2tp server` dentro da função `start single service()`. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** H3C Magic B1 versões anteriores a 100R004 **Description** Um estouro de buffer ocorre na função `SetMobileAPInfoById()` dentro do arquivo '/goform/aspForm'. Este problema é desencadeado pela manipulação do argumento `param`, permitindo a exploração remota. **Recommendations** No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1250GW versions through 3.2.7-210907-180535 **Description** A buffer overflow issue exists in the `strcpy` function within the `/goform/setSysAdm` file. Manipulation of the `GroupName` argument can trigger this issue, allowing for remote exploitation. A public exploit is available. **Recommendations** Versions prior to 3.2.7-210907-180535 should be updated. As a temporary workaround, consider restricting access to the `/goform/setSysAdm` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** itsourcecode College Management System version 1.0 **Description** A flaw exists in itsourcecode College Management System version 1.0 that allows for remote SQL injection. The issue is located in the `/admin/search student.php` file, specifically through manipulation of the `Search` argument within an unknown function. The exploit for this issue has been publicly disclosed. **Recommendations** Apply any available updates or patches for itsourcecode College Management System version 1.0. As a temporary workaround, consider restricting access to the `/admin/search student.php` file or carefully validating the `Search` parameter to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1200GW versions through 2.5.3-170306 **Description** A buffer overflow issue exists in UTT HiPER 1200GW. The issue is related to the `strcpy` function within the `/goform/websHostFilter` file. This manipulation can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** Versions through 2.5.3-170306 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** projectworlds Online Art Gallery Shop version 1.0 **Description** A security flaw exists in projectworlds Online Art Gallery Shop. This issue involves a SQL injection impacting an unknown functionality accessible through the file '/?pass=1'. The `fnm` argument is susceptible to manipulation, allowing for potential remote attacks. The exploit for this issue has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** projectworlds Online Art Gallery Shop version 1.0 **Description** A security issue exists in projectworlds Online Art Gallery Shop 1.0. The vulnerability involves SQL injection within the `/admin/adminHome.php` file. Manipulation of the `reach nm` argument can trigger this issue, allowing for remote exploitation. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ProjectWorlds Online Art Gallery Shop version 1.0 **Description** A SQL injection issue exists in the software due to manipulation of the `Info` argument within the file '/admin/adminHome.php'. Remote exploitation is possible. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.