Anil Celik

#16925 of 53,632
15.9 Total CVSS
Vulnerabilities · 2
High
2
PT-2024-39247
8.7
2024-11-18
Unknown · Tr7 Application Security Platform · CVE-2024-8781
**Name of the Vulnerable Software and Affected Versions** TR7 Application Security Platform (ASP) version 1.4.25.188 **Description** The issue affects the TR7 Application Security Platform (ASP) due to an Improper Protection of Alternate Path vulnerability, allowing Privilege Escalation and Privilege Abuse. This vulnerability enables Execution with Unnecessary Privileges. **Recommendations** For version 1.4.25.188, upgrade to a newer version to avoid exploitation. As a temporary workaround, consider restricting privileges to minimize the risk of escalation.
PT-2023-24472
7.2
2023-09-05
Unisign · Bookreen · CVE-2023-3375
**Name of the Vulnerable Software and Affected Versions** Bookreen versions prior to 3.0.0 **Description** The issue affects Unisign Bookreen, allowing OS Command Injection due to an Unrestricted Upload of File with Dangerous Type vulnerability. **Recommendations** For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to prevent potential OS Command Injection attacks.