Caginkyr

**Name of the Vulnerable Software and Affected Versions** CodeWise Tornet Scooter Mobile App version 4.75 **Description** An issue exists in an unknown function within the `/TwoFactor` file that allows for improper restriction of excessive authentication attempts. This flaw can be exploited remotely, although the attack is considered highly complex and difficult to execute. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. This issue has been reported early to the project. They confirmed, that "this has already been discovered and fixed for the next release."