Berk Dusunur

**Name of the Vulnerable Software and Affected Versions** Online-Exam-System version 2015 **Description** The software contains a SQL injection issue within the feedback module. Attackers can manipulate database queries by injecting malicious SQL code through the `fid` parameter. This could allow attackers to extract, modify, or delete database information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NUUO NVRmini devices (affected versions not specified) **Description** The issue allows for remote command execution via shell metacharacters in the `uploaddir` parameter for a "writeuploaddir" command in the "upgrade handle.php" file on NUUO NVRmini devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Acrolinx Server versions prior to 5.2.5 Description: The issue allows Directory Traversal. Recommendations: For versions prior to 5.2.5, update to version 5.2.5 or later to resolve the issue.