Bpy9Ft

Name of the Vulnerable Software and Affected Versions: xxyopen/201206030 novel-plus versions up to 5.1.3 Description: A critical issue has been found in the `ajaxLogin` function of the `LoginController.java` file, part of the CATCHA Handler component. This issue leads to authentication bypass through capture-replay, allowing remote attacks. The complexity of the attack is high, and exploitation is difficult. The exploit has been publicly disclosed. Recommendations: For versions up to 5.1.3, as a temporary workaround, consider disabling the `ajaxLogin` function until a patch is available. Restrict access to the CATCHA Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: xxyopen/201206030 novel-plus versions through 5.1.3 Description: A problematic issue exists due to improper control of resource identifiers. This issue affects the `remove` function within the `novel-admin/src/main/java/com/java2nb/common/controller/FileController.java` file of the File Handler component. The attack can be initiated remotely and is considered to have high complexity and difficult exploitability. The exploit for this issue has been publicly disclosed. The vendor was informed of the disclosure but did not respond. Recommendations: Versions prior to 5.1.4 should be used. As a temporary workaround, consider disabling the `remove` function until a patch is available.

Name of the Vulnerable Software and Affected Versions: xxyopen/201206030 novel-plus versions up to 5.1.3 Description: A critical issue has been found in the User Management Module, specifically affecting the function list of the file novel-admin/src/main/resources/mybatis/system/UserMapper.xml. The manipulation of the `sort` and `order` arguments leads to SQL injection. This issue can be exploited remotely. Recommendations: For versions up to 5.1.3, as a temporary workaround, consider restricting access to the User Management Module until a patch is available. Avoid using the `sort` and `order` arguments in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook (affected versions not specified) **Description** A critical vulnerability has been found in chaitak-gorai Blogbook. The issue affects the GET Parameter Handler component, specifically the `post id` argument in the `/admin/view all posts.php` file, leading to SQL injection. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 **Description** A vulnerability was found in chaitak-gorai Blogbook, affecting unknown code of the file /search.php of the component GET Parameter Handler. The manipulation of the `Search` argument leads to denial of service. The exploit has been disclosed to the public and may be used. This product uses a rolling release to provide continuous delivery, and therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 **Description** A critical issue was found in the component GET Parameter Handler of the file /user.php, where the manipulation of the `u id` argument leads to SQL injection. This can be exploited remotely. The issue has been publicly disclosed. **Recommendations** As a temporary workaround, consider disabling the `u id` parameter in the /user.php file until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 **Description** A critical vulnerability was found in chaitak-gorai Blogbook. The issue affects an unknown function of the file /admin/posts.php?source=add post, where the manipulation of the `image` argument leads to unrestricted upload. This can be exploited remotely. The exploit has been disclosed publicly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 **Description** A vulnerability has been found in chaitak-gorai Blogbook, classified as problematic. It affects an unknown functionality of the file /register script.php. The manipulation of the `fullname` argument leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning, so information about affected and unaffected releases is unavailable. **Recommendations** To resolve the issue, it is recommended to upgrade the affected component. As a temporary workaround, consider restricting access to the `/register script.php` file to minimize the risk of exploitation. Avoid using the `fullname` argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 **Description** A problematic issue has been found in chaitak-gorai Blogbook, affecting the processing of the file /post.php. The manipulation of the arguments `comment author`, `comment email`, and `comment content` leads to cross-site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider restricting access to the /post.php file until a fix is available. Avoid using the arguments `comment author`, `comment email`, and `comment content` in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 **Description** A critical issue was found in the file /post.php of the component GET Parameter Handler, where the manipulation of the `p id` argument leads to SQL injection. This issue can be exploited remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** As a temporary workaround, consider disabling the `p id` parameter in the /post.php file until a fix is available. Restrict access to the /post.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 **Description** A critical issue was found in the GET Parameter Handler of the file /admin/includes/edit post.php. The manipulation of the `edit post id` argument leads to SQL injection. This issue can be exploited remotely. The estimated number of potentially affected devices is not specified. **Recommendations** As a temporary workaround, consider disabling the `edit post id` argument in the /admin/includes/edit post.php file until a patch is available. Restrict access to the /admin/includes/edit post.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.