Anandjons

**Name of the Vulnerable Software and Affected Versions** PNotes.NET version 3.8.1.2 **Description** A file upload issue allows a local attacker to execute arbitrary code by uploading a malicious .exe file to the external program. This is related to the Miscellaneous "External Programs" feature. **Recommendations** For PNotes.NET version 3.8.1.2, consider disabling the Miscellaneous "External Programs" feature until a patch is available to prevent exploitation. Restrict access to uploading files to minimize the risk of arbitrary code execution.

**Name of the Vulnerable Software and Affected Versions** Ilch version 2.1.22 **Description** The issue allows for stored XSS attacks through the title, text, or email id in the Jobs Tab. **Recommendations** For Ilch version 2.1.22, update to a version that fixes this issue, as using the current version may pose a security risk due to the stored XSS vulnerability in the Jobs Tab.