Affan

**Name of the Vulnerable Software and Affected Versions** QKSMS versions up to 3.9.4 **Description** A vulnerability was found in QKSMS, affecting an unknown part of the file `androidmanifest.xml` of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. **Recommendations** For QKSMS versions up to 3.9.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Replify-Messenger version 1.0 **Description** A vulnerability has been found in the processing of the file `androidmanifest.xml` of the component Backup File Handler. This issue leads to exposure of backup files to an unauthorized control sphere, allowing potential attacks on physical devices. The exploit has been disclosed to the public. The vendor has been contacted and has decided not to maintain the app anymore, planning to revoke its availability in the Google Play Store. **Recommendations** As a temporary workaround, consider removing the app and seeking alternatives to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fridgecow smartalarm version 1.8.1 **Description** A problematic vulnerability has been found in the component Backup File Handler, affecting an unknown part of the file androidmanifest.xml. This leads to exposure of backup files to an unauthorized control sphere, allowing attacks to be launched on the physical device. **Recommendations** For version 1.8.1, restrict backups and update the app as soon as possible. Additionally, audit file permissions to minimize the risk of exploitation. As a temporary workaround, consider restricting access to the Backup File Handler component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** jurecapuder AndroidWeatherApp version 1.0.0 **Description** A problematic vulnerability was found in the AndroidWeatherApp, affecting an unknown function of the file androidmanifest.xml of the component Backup File Handler. This leads to exposure of backup files to unauthorized control, and the attack can be launched on the physical device. The exploit has been disclosed to the public. The code maintainer was contacted but did not respond, and the GitHub repository was deleted, indicating the product is no longer supported. **Recommendations** For jurecapuder AndroidWeatherApp version 1.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Musicshelf versions 1.0 through 1.1 **Description** A problematic vulnerability was found in Musicshelf on Android, affecting an unknown functionality of the file iofabricsdkandroidservices etworkPinningTrustManager.java of the component SHA-1 Handler. The manipulation leads to password hash with insufficient computational effort. It is possible to launch the attack on the physical device. The complexity of an attack is rather high, and the exploitation appears to be difficult. **Recommendations** For Musicshelf versions 1.0 through 1.1, consider restricting access to the `PinningTrustManager.java` file to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Musicshelf versions 1.0 through 1.1 **Description** A problematic issue has been discovered, affecting an unknown function of the `androidmanifest.xml` file in the Backup Handler component. This leads to the exposure of backup files to unauthorized access. The attack can be launched directly on a physical device. **Recommendations** For Musicshelf versions 1.0 through 1.1, consider restricting access to the Backup Handler component until a fix is available. As a temporary workaround, avoid using the Backup Handler functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** phpipam version 1.5.1 **Description** A vulnerability was found in the component Header Handler of phpipam. The manipulation of the argument `X-Forwarded-Host` leads to open redirect. This issue can be exploited remotely. **Recommendations** For phpipam version 1.5.1, as a temporary workaround, consider restricting the use of the `X-Forwarded-Host` argument in the Header Handler to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wallabag version 2.5.4 **Description** A vulnerability was found in the file /config of the component Profile Config, affecting an unknown functionality. The manipulation of the `Name` argument leads to allocation of resources. The exploit has been disclosed to the public and may be used. **Recommendations** For wallabag version 2.5.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** miniCal version 1.0.0 **Description** A critical issue affects the processing of the file /booking/show bookings/. The manipulation of the `search query` argument leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond. **Recommendations** For miniCal version 1.0.0, as a temporary workaround, consider restricting access to the /booking/show bookings/ file until a patch is available. Avoid using the `search query` argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Teachers Record Management System version 1.0 **Description** A critical issue has been found in the Profile Picture Handler component, specifically in the file /changeimage.php. The manipulation of the `newpic` argument leads to unrestricted upload. This issue can be exploited remotely. **Recommendations** For PHPGurukul Teachers Record Management System version 1.0, consider disabling the /changeimage.php file or restricting access to it until a fix is available. Avoid using the `newpic` argument in the affected Profile Picture Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Sales Tracker Management System version 1.0 **Description** A vulnerability was found in the system, allowing for cross-site scripting through the manipulation of the `firstname`, `middlename`, `lastname`, and `username` arguments in the file /classes/Users.php?f=save. The attack can be launched remotely. **Recommendations** For SourceCodester Sales Tracker Management System version 1.0, consider disabling the functionality of the /classes/Users.php?f=save file until a patch is available. Restrict access to this file to minimize the risk of exploitation. Avoid using the `firstname`, `middlename`, `lastname`, and `username` arguments in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Employee Leaves Management System version 1.0 **Description** A vulnerability was found in the PHPGurukul Employee Leaves Management System, affecting an unknown functionality of the file changepassword.php. The manipulation of the `newpassword` and `confirmpassword` arguments leads to weak password requirements. The attack can be launched remotely. The exploitation appears to be difficult, but the exploit has been disclosed to the public and may be used. **Recommendations** For PHPGurukul Employee Leaves Management System version 1.0, consider implementing strong password requirements to mitigate the risk of exploitation. As a temporary workaround, restrict access to the changepassword.php file until a patch is available. Additionally, avoid using the `newpassword` and `confirmpassword` arguments in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Canteen Management System version 1.0 **Description** A vulnerability has been found in the SourceCodester Canteen Management System, affecting the file createcustomer.php of the component Add Customer. The manipulation of the `name` argument leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** For SourceCodester Canteen Management System version 1.0, consider disabling the `createcustomer.php` file or restricting access to the Add Customer component until a patch is available. As a temporary workaround, avoid using the `name` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Bank Locker Management System version 1.0 **Description** A critical issue affects the Login component of the PHPGurukul Bank Locker Management System, specifically the file index.php. The manipulation of the `username` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** For PHPGurukul Bank Locker Management System version 1.0, consider disabling the Login functionality until a patch is available. Restrict access to the index.php file to minimize the risk of exploitation. Avoid using the `username` argument in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Online Security Guards Hiring System version 1.0 **Description** A vulnerability was found in the PHPGurukul Online Security Guards Hiring System, affecting some unknown functionality of the file search-request.php. The manipulation of the `searchdata` argument with the input "><script>alert(document.domain)</script> leads to cross-site scripting. The attack may be launched remotely. Additionally, a file upload vulnerability allows a remote attacker to execute arbitrary code via a crafted php file to the osghs/admin/images file. **Recommendations** For PHPGurukul Online Security Guards Hiring System version 1.0, consider disabling the `search-request.php` file or restricting access to it until a patch is available. As a temporary workaround, avoid using the `searchdata` argument in the affected API endpoint until the issue is resolved. Restrict access to the osghs/admin/images file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Bank Locker Management System version 1.0 **Description** A problematic vulnerability has been found in the PHPGurukul Bank Locker Management System. This issue affects the file add-locker-form.php of the component Assign Locker. The manipulation of the `ahname` argument leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For PHPGurukul Bank Locker Management System version 1.0, consider disabling the `ahname` argument in the affected file add-locker-form.php to minimize the risk of exploitation until a patch is available. Restrict access to the Assign Locker component to minimize the risk of exploitation. Avoid using the `ahname` argument in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.