Numan Türle

**Nome do Software Vulnerável e Versões Afetadas** CyberPanel versão 2.1 **Descrição** Atacantes autenticados podem ler arquivos arbitrários e executar código remoto explorando ataques de symlink. Ao manipular o parâmetro `completeStartingPath` em requisições POST para o endpoint "/filemanager/controller", atacantes podem criar links simbólicos para acessar dados sensíveis, como credenciais de banco de dados. Além disso, comandos shell arbitrários podem ser executados através do endpoint "/websites/fetchFolderDetails". **Recomendações** Atualize para a versão 2.1.2.

**Name of the Vulnerable Software and Affected Versions** Crystal Live HTTP Server version 6.01 **Description** Crystal Live HTTP Server version 6.01 contains a directory traversal flaw. Remote attackers can exploit this to access system files by manipulating URL path segments. Specifically, attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files, including Windows system files. The API endpoint is susceptible to manipulation through the URL path. The vulnerable parameter is the path segment within the URL. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** gSOAP version 2.8 **Description** gSOAP 2.8 contains a directory traversal flaw. Unauthenticated attackers can exploit this to access system files by manipulating HTTP path traversal techniques. Specifically, attackers can retrieve sensitive files, such as `/etc/passwd`, by sending specially crafted GET requests containing multiple '../' directory traversal sequences. The vulnerability allows access to files through manipulated paths. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bullwark Momentum Series JAWS version 1.0 **Description** The software contains a directory traversal issue that permits unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit this by sending specially crafted GET requests containing multiple '../' sequences to read sensitive files, such as `/etc/passwd`, located outside the web root directory. The API endpoint is susceptible to manipulation through HTTP request paths. The vulnerable parameter is the HTTP request path. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** YetiShare File Hosting Script version 5.1.0 **Description** The software contains a server-side request forgery condition that allows attackers to read local system files through the remote file upload feature. Attackers can exploit the `url` parameter in the `/url upload handler` API endpoint to access sensitive files, such as `/etc/passwd`, by using the `file:///` protocol. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/url upload handler` API endpoint. Avoid using the `url` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Hestia Control Panel version 1.3.2 **Description** An authenticated attacker can write files to arbitrary locations on the server. This is possible through the `index.php` API endpoint by exploiting the `v-make-tmp-file` command. Attackers can write content, such as SSH keys, to specific file paths. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VestaCP versions prior to 0.9.8-25 **Description** VestaCP versions prior to 0.9.8-25 contain a cross-site scripting issue in the IP interface configuration. Attackers can inject malicious scripts by exploiting the `v interface` parameter. This is achieved by sending a crafted POST request to the ''/add/ip/'' endpoint with a stored XSS payload. **Recommendations** Update VestaCP to version 0.9.8-25 or later.

**Name of the Vulnerable Software and Affected Versions** ZesleCP version 3.1.9 **Description** The software contains an authenticated remote code execution issue. An attacker can create malicious FTP accounts with shell injection payloads. Exploitation involves the FTP account creation endpoint, allowing injection of a reverse shell command to establish a network connection to a specified listening host. The vulnerable functionality allows attackers to execute arbitrary code on the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Versões do plugin MasterStudy LMS para WordPress anteriores à 2.7.6 **Descrição** A vulnerabilidade permite que usuários não autenticados se registrem como administradores devido à falta de validação de alguns parâmetros fornecidos ao registrar uma nova conta. **Recomendações** Para versões do plugin MasterStudy LMS para WordPress anteriores à 2.7.6, atualize para a versão 2.7.6 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas: Microsoft Teams para iOS (versões afetadas não especificadas) Descrição: O problema está relacionado à falta de proteção de dados confidenciais no Microsoft Teams para iOS, o que poderia permitir que um invasor remoto obtivesse acesso não autorizado a informações protegidas. Recomendações: No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.