Bobby Cooke

Atomic Alarm Clock 6.3 contains a stack overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string to the display name textbox in the Time Zones Clock configuration. Attackers can craft a buffer with structured exception handling overwrite and encoded shellcode to bypass SafeSEH protections and execute arbitrary commands with application privileges.

**Name of the Vulnerable Software and Affected Versions** Free Desktop Clock version 3.0 **Description** Free Desktop Clock 3.0 contains a stack overflow issue in the Time Zones display name input. This allows attackers to overwrite Structured Exception Handler (SEH) registers. Exploitation involves crafting a malicious Unicode input, which can trigger an access violation and potentially lead to arbitrary code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** 10-Strike Bandwidth Monitor version 3.9 **Description** The software contains a buffer overflow issue that allows attackers to bypass SafeSEH, ASLR, and DEP protections. Exploitation occurs through crafted input sent to the application’s registration key input, enabling remote code execution and arbitrary system command execution. The `registration key input` is the point of exploitation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** 10-Strike Bandwidth Monitor version 3.9 **Description** The software contains an unquoted service path vulnerability in multiple services. This allows local attackers to escalate privileges by placing a malicious executable in specific file path locations, achieving privilege escalation to SYSTEM during service startup. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, carefully monitor file system changes in the service path locations for unexpected or unauthorized executables.

**Name of the Vulnerable Software and Affected Versions** GetSimple CMS My SMTP Contact Plugin version 1.1.2 **Description** PHP code injection allows an authenticated administrator to inject arbitrary PHP code through plugin configuration parameters, which can lead to remote code execution on the server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GetSimple CMS My SMTP Contact Plugin version 1.1.1 **Description** A cross-site request forgery (CSRF) issue exists where attackers can craft a malicious webpage. If visited by an authenticated administrator, this allows the attacker to modify SMTP configuration settings within the plugin, leading to unauthorized changes. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GetSimple CMS My SMTP Contact Plugin version 1.1.2 **Description** A Stored Cross-Site Scripting (XSS) issue exists where the plugin fails to properly sanitize user input. Although the `htmlspecialchars()` function is used for sanitization, it can be bypassed by providing dangerous characters as escaped hex bytes. This allows an attacker to inject arbitrary client-side code that executes within the administrator's browser when they visit a malicious page. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Daily Tracker System version 1.0 **Description** A Cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `fullname` parameter in the "user-profile.php" file. **Recommendations** For SourceCodester Daily Tracker System version 1.0, avoid using the `fullname` parameter in the vulnerable "user-profile.php" file until a fix is available. Consider validating and sanitizing user input to prevent arbitrary script injection.

**Name of the Vulnerable Software and Affected Versions** Stock Management System version 1.0 **Description** A SQL injection issue in the login component allows a remote attacker to execute arbitrary SQL commands via the `username` parameter. **Recommendations** For Stock Management System version 1.0, avoid using the `username` parameter in the login component until the issue is resolved. Consider temporarily restricting access to the login functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BarracudaDrive version 6.5 **Description** The issue concerns insecure service file permissions in the bd service, allowing local attackers to escalate privileges to admin. This can be achieved by replacing the `%SYSTEMDRIVE%bdbd.exe` file. Upon the computer's next start, the new bd.exe will be executed with LocalSystem privileges. **Recommendations** For BarracudaDrive version 6.5, ensure proper file permissions are set for the bd service to prevent unauthorized access and modification of the `%SYSTEMDRIVE%bdbd.exe` file. As a temporary workaround, consider restricting write access to the `%SYSTEMDRIVE%bd` directory to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Sourcecodetester Daily Tracker System version 1.0 **Description** A SQL injection issue in the login functionality allows an unauthenticated user to bypass authentication using SQL injection via the `email` parameter. **Recommendations** For Sourcecodetester Daily Tracker System version 1.0, consider restricting access to the login functionality until a patch is available, and avoid using the `email` parameter in the affected API endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GetSimple CMS version 3.3.16 **Description** A Reflected Cross-Site Scripting issue allows remote attackers to execute JavaScript code in the client's browser and potentially harvest login credentials after a client clicks a link, enters credentials, and submits the login form on the admin/index.php login portal webpage. **Recommendations** For GetSimple CMS version 3.3.16, update to a version that addresses this issue to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Tailor Management System version 1.0 **Description** A Reflected Cross-Site Scripting (XSS) issue in the index.php login-portal webpage allows remote attackers to harvest keys pressed by an unauthenticated victim who clicks on a malicious URL and begins typing. **Recommendations** For SourceCodester Tailor Management System version 1.0, as a temporary workaround, consider disabling access to the index.php login-portal webpage until a patch is available. Restrict access to this webpage to minimize the risk of exploitation. Avoid using the login-portal webpage in the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.