Chocapikk

Name of the Vulnerable Software and Affected Versions Windmill versions prior to 1.603.3 Description Windmill is an open-source developer platform for internal code, including APIs, background jobs, workflows, and UIs. A path traversal vulnerability exists in the `get log file` endpoint ('/api/w/{workspace}/jobs u/get log file/{filename}') prior to version 1.603.3. The `filename` parameter is improperly concatenated into a file path without sufficient sanitization, potentially allowing an attacker to read arbitrary files on the server using '..' sequences. This could lead to the exposure of sensitive information, including the `SUPERADMIN SECRET` in some cases. Exploitation requires no authentication. Recommendations Update Windmill to version 1.603.3 or later.

**Name of the Vulnerable Software and Affected Versions** Themify Builder WordPress plugin versions prior to 7.5.8 **Description** The issue is related to an Open Redirect problem. It occurs because a parameter is not validated before the user is redirected to its value. **Recommendations** For versions prior to 7.5.8, update to version 7.5.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mocodo Mocodo Online versions 4.2.6 and below **Description** The issue allows for Remote Code Execution via the "/web/rewrite.php" API endpoint. **Recommendations** For versions 4.2.6 and below, as a temporary workaround, consider restricting access to the "/web/rewrite.php" API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mocodo Mocodo Online versions 4.2.6 and below **Description** The issue arises from improper sanitization of the `sql case` input field in the `/web/generate.php` endpoint, allowing remote attackers to execute arbitrary SQL commands and potentially command injection, which can lead to remote code execution (RCE) under certain conditions. **Recommendations** For versions 4.2.6 and below, consider disabling access to the `/web/generate.php` endpoint until a proper fix is applied, and ensure that all input fields, especially `sql case`, are properly sanitized to prevent command injection and RCE.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** The issue allows attackers to execute arbitrary code via the ./inc/kiosks.inc component. This is a Cross Site Scripting vulnerability. **Recommendations** For DerbyNet versions 9.0 and below, consider disabling access to the ./inc/kiosks.inc component until a patch is available. Restrict the execution of arbitrary code to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DerbyNet version 9.0 **Description** A Directory Traversal issue allows a remote attacker to execute arbitrary code via the `page` parameter of the "kiosk.php" component. **Recommendations** For DerbyNet version 9.0, consider restricting access to the kiosk.php component until a patch is available. Avoid using the `page` parameter in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** The issue allows attackers to execute arbitrary code via the `back` parameter in "playlist.php". This is a Cross Site Scripting vulnerability. **Recommendations** For DerbyNet versions 9.0 and below, consider disabling access to the "playlist.php" endpoint until a patch is available. Avoid using the `back` parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** The issue allows attackers to execute arbitrary code via the `racer-results.php` component. This is a Cross Site Scripting vulnerability. **Recommendations** For DerbyNet versions 9.0 and below, consider disabling access to the `racer-results.php` component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** The issue allows attackers to execute arbitrary SQL commands via the `classids` Parameter in the "ajax/query.slide.next.inc" endpoint. This enables attackers to manipulate database queries, potentially leading to unauthorized data access or modification. **Recommendations** For DerbyNet versions 9.0 and below, as a temporary workaround, consider restricting access to the "ajax/query.slide.next.inc" endpoint or disabling the use of the `classids` Parameter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the "render-document.php" component. This enables the attacker to perform unauthorized actions on the affected system. **Recommendations** For DerbyNet versions 9.0 and below, consider disabling the "render-document.php" component until a patch is available to prevent exploitation. Restrict access to this component to minimize the risk of arbitrary code execution.

**Name of the Vulnerable Software and Affected Versions** DerbyNet version 9.0 **Description** The issue allows a remote attacker to execute arbitrary code via the where Clause in Award Document Rendering. This is a SQL Injection vulnerability. **Recommendations** For DerbyNet version 9.0, consider disabling the where Clause functionality in Award Document Rendering until a patch is available. Restrict access to the print/render/award.inc module to minimize the risk of exploitation. Avoid using the where Clause in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** The issue allows a remote attacker to execute arbitrary code via the where Clause in Racer Document Rendering. This is a SQL Injection vulnerability. **Recommendations** For DerbyNet versions 9.0 and below, consider disabling the where Clause in Racer Document Rendering until a patch is available. Restrict access to the Racer Document Rendering module to minimize the risk of exploitation. Avoid using the where Clause in the affected rendering process until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** A Cross Site Scripting issue allows attackers to execute arbitrary code via the "checkin.php" component. This enables attackers to perform malicious actions on the affected system. **Recommendations** For DerbyNet versions 9.0 and below, consider disabling the "checkin.php" component until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** The issue allows attackers to execute arbitrary code via the photo-thumbs.php component. This is a Cross Site Scripting vulnerability. **Recommendations** For DerbyNet versions 9.0 and below, consider disabling access to the photo-thumbs.php component until a patch is available. Restrict the execution of arbitrary code to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DerbyNet versions 9.0 and below **Description** A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the `photo.php` component. This enables the attacker to perform unauthorized actions on the affected system. **Recommendations** For DerbyNet versions 9.0 and below, as a temporary workaround, consider disabling access to the `photo.php` component until a patch is available. Restricting access to this component can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: WWBN AVideo versions 12.4 through 14.2 Description: The issue in WWBN AVideo is related to insufficient input validation in the submitIndex.php file of the WWBNIndex plugin, allowing a remote attacker to execute arbitrary code via the `systemRootPath` parameter. This can be achieved by sending a specially crafted POST request. Approximately 2,355 devices are potentially affected, mainly located in the United States and Germany. Recommendations: For WWBN AVideo versions 12.4 through 14.2, consider disabling the `submitIndex.php` component or restricting access to it until a patch is available. Avoid using the `systemRootPath` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.