Priyank Nigam

**Nome do software vulnerável e versões afetadas** Versões do HMS Ewon eCatcher até a 6.6.4 **Descrição** O problema está relacionado a permissões fracas do sistema de arquivos, o que poderia permitir que usuários mal-intencionados acessassem arquivos. Esse acesso poderia levar à divulgação de informações confidenciais, à modificação de arquivos de configuração ou à interrupção do funcionamento normal do sistema. **Recomendações** Para as versões do HMS Ewon eCatcher até a 6.6.4, atualize para uma versão posterior à 6.6.4 para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** Dolibarr ERP/CRM version 9.0.1 **Description** The issue concerns stored XSS within uploaded files, allowing the execution of a JavaScript payload when a user clicks on a malicious link hosted on the same domain. This could be exploited by low-privileged users to target administrators. The `viewimage.php` page is specifically vulnerable due to the lack of contextual output encoding, displaying the content of uploaded files with a user-requested MIME type. **Recommendations** For Dolibarr ERP/CRM version 9.0.1, consider implementing proper output encoding for the `viewimage.php` page to prevent the execution of malicious scripts. As a temporary workaround, restrict access to uploading files or limit the types of files that can be uploaded to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dolibarr ERP/CRM version 9.0.1 **Description** The issue concerns insufficient checks on export parameters to `mysqldump`, allowing for the execution of arbitrary binaries on the server. This can be exploited by uploading malicious binaries through other functionalities of the application. **Recommendations** For Dolibarr ERP/CRM version 9.0.1, as a temporary workaround, consider restricting access to the `mysqldump` functionality until a patch is available. Additionally, restrict the upload of binaries through other functionalities of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dolibarr ERP/CRM version 9.0.1 **Description** The issue concerns the website module in Dolibarr ERP/CRM, which includes a WYSIWYG editor for creating public websites. This editor allows the inclusion of dynamic code, potentially leading to code execution on the host machine. An attacker, who must be a lower-privileged user of the application, can exploit this by checking a specific setting on the same page that enables the inclusion of dynamic content. As a result, code can be executed under the context and permissions of the underlying web server. **Recommendations** For Dolibarr ERP/CRM version 9.0.1, consider disabling the WYSIWYG editor in the website module until a patch is available to prevent the inclusion of dynamic code and potential code execution. Restrict access to the website module to minimize the risk of exploitation.