Chenzijie0619

**Name of the Vulnerable Software and Affected Versions** HuangDou UTCMS version V9 **Description** A critical issue has been found in HuangDou UTCMS, affecting some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument `o` leads to os command injection. This issue can be exploited remotely. The exploit has been disclosed to the public. The vendor was contacted about this disclosure but did not respond. **Recommendations** For HuangDou UTCMS version V9, as a temporary workaround, consider restricting access to the file app/modules/ut-cac/admin/cli.php to minimize the risk of exploitation. Avoid using the argument `o` in the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HuangDou UTCMS version V9 **Description** A critical issue was found in HuangDou UTCMS, affecting an unknown part of the file app/modules/ut-template/admin/template creat.php. The manipulation of the `content` argument leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For HuangDou UTCMS version V9, as a temporary workaround, consider restricting access to the `template creat.php` file until a patch is available. Avoid using the `content` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** HuangDou UTCMS version V9 **Description** A critical vulnerability has been found in the function `RunSql` of the file `app/modules/ut-data/admin/sql.php`. The manipulation of the argument `sql` leads to sql injection. The attack can be initiated remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For HuangDou UTCMS version V9, as a temporary workaround, consider disabling the `RunSql` function until a patch is available. Restrict access to the `sql.php` file to minimize the risk of exploitation. Avoid using the `sql` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** 07FLYCMS version 1.3.8 07FLY-CMS version 1.3.8 07FlyCRM version 1.3.8 **Description** A critical issue was found in the `uploadFile` function of the Module Plug-In Handler component, located in the file `/admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule 1`. The manipulation of the `file` argument leads to unrestricted upload. This issue can be exploited remotely. **Recommendations** For 07FLYCMS version 1.3.8, consider disabling the `uploadFile` function until a patch is available. For 07FLY-CMS version 1.3.8, restrict access to the `/admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule 1` file to minimize the risk of exploitation. For 07FlyCRM version 1.3.8, avoid using the `file` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** 07FLYCMS version 1.3.8 07FLY-CMS version 1.3.8 07FlyCRM version 1.3.8 **Description** A problem was found in the System Settings Page component, where the manipulation of the `Login Interface Copyright` argument leads to cross-site scripting. This issue can be exploited remotely. **Recommendations** For 07FLYCMS version 1.3.8, consider disabling the System Settings Page component until a fix is available. For 07FLY-CMS version 1.3.8, restrict access to the System Settings Page to minimize the risk of exploitation. For 07FlyCRM version 1.3.8, avoid using the `Login Interface Copyright` argument in the System Settings Page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.