Alexandre Larocque

**Name of the Vulnerable Software and Affected Versions** NorthStar Club Management version 6.3 **Description** The issue allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled `command` and `commandvalues` parameters in cominput.jsp and comoutput.jsp. **Recommendations** For NorthStar Club Management version 6.3, consider sanitizing the `command` and `commandvalues` parameters in cominput.jsp and comoutput.jsp to prevent remote code execution. As a temporary workaround, restrict access to these pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NorthStar Club Management version 6.3 **Description** The issue allows remote authenticated users to change the password of any targeted user account due to a lack of proper authorization in the `userID` parameter of the HTTP POST request to the "/northstar/Admin/changePassword.jsp" API endpoint. **Recommendations** For NorthStar Club Management version 6.3, consider restricting access to the "/northstar/Admin/changePassword.jsp" API endpoint until a patch is available, and avoid using the `userID` parameter in this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NorthStar Club Management version 6.3 **Description** The issue allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application due to directory traversal in the `/northstar/filemanager/download.jsp` endpoint. **Recommendations** For NorthStar Club Management version 6.3, consider restricting access to the `/northstar/filemanager/download.jsp` endpoint until a patch is available. As a temporary workaround, limit the ability to download files to only necessary personnel to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NorthStar Club Management version 6.3 **Description** The issue allows remote unauthenticated users to use various functionalities without authentication due to systemic insecure permissions. **Recommendations** For NorthStar Club Management version 6.3, update the system to enforce proper authentication mechanisms for all functionalities to prevent unauthorized access.

**Name of the Vulnerable Software and Affected Versions** NorthStar Club Management version 6.3 **Description** The issue allows remote local users to intercept user credentials transmitted in cleartext over HTTP due to cleartext transmission of sensitive information in the /northstar/Admin/login.jsp endpoint. **Recommendations** For version 6.3, consider restricting access to the /northstar/Admin/login.jsp endpoint until a secure connection method, such as HTTPS, is implemented to encrypt sensitive information. As a temporary workaround, avoid using the `username` and `password` variables in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** NorthStar Club Management version 6.3 **Description** The issue allows remote unauthenticated users to browse and list directories across the entire filesystem of the host of the web application through a directory traversal vulnerability in the /northstar/Common/NorthFileManager/fileManagerObjects.jsp endpoint. **Recommendations** For NorthStar Club Management version 6.3, update to a version that fixes the directory traversal issue in the /northstar/Common/NorthFileManager/fileManagerObjects.jsp endpoint to prevent unauthorized access to the filesystem. As a temporary workaround, consider restricting access to the /northstar/Common/NorthFileManager/fileManagerObjects.jsp endpoint until a patch is available.