Paijp

**Name of the Vulnerable Software and Affected Versions** lte-pic32-writer versions 0.0.1 and prior **Description** The issue affects users of `sendto.txt` and allows attackers who know the IMEI to read the `sendto.txt` file, which may contain sensitive information such as SNS URLs and API keys. **Recommendations** For versions 0.0.1 and prior, avoid using `sendto.txt` to prevent exposure of sensitive information. For versions 0.0.1 and prior, use `.htaccess` to block access to `sendto.txt` as a temporary workaround. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** nophp versions prior to 0.0.1 **Description** The issue affects the nophp PHP web framework, where versions prior to 0.0.1 are vulnerable to shell command injection on the httpd user. A patch was made available to address this issue. **Recommendations** For versions prior to 0.0.1, update index.php to 2023-03-30 or later. As a temporary workaround for versions prior to 0.0.1, consider adding a function such as `env patchsample230330.php` to env.php.