Deng Gelei

**Name of the Vulnerable Software and Affected Versions** NavigateCMS versions 2.9.4 and below **Description** The issue concerns a function in the `product.php` file that is vulnerable to sql injection. This vulnerability occurs on the `products-order` parameter through a post request, allowing for arbitrary sql query execution in the backend database. **Recommendations** For NavigateCMS versions 2.9.4 and below, as a temporary workaround, consider restricting access to the `product.php` file or disabling the functionality related to the `products-order` parameter until a patch is available. Avoid using the `products-order` parameter in post requests to the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NavigateCMS versions 2.9.4 and below **Description** The issue concerns a function in the `structure.php` file that is vulnerable to sql injection on the parameter `children order`. This vulnerability allows for the execution of arbitrary sql queries in the backend database. **Recommendations** For NavigateCMS versions 2.9.4 and below, consider disabling the function in `structure.php` that handles the `children order` parameter until a patch is available. Restrict access to the `structure.php` file to minimize the risk of exploitation. Avoid using the `children order` parameter in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NavigateCMS versions 2.9.4 and below **Description** The issue concerns a sql injection vulnerability in the `block` function, specifically affecting the `block-order` parameter. This vulnerability allows for the execution of arbitrary sql queries in the backend database. **Recommendations** For NavigateCMS versions 2.9.4 and below, consider disabling the `block` function until a patch is available to prevent exploitation of the sql injection vulnerability. Restrict access to the `block-order` parameter to minimize the risk of arbitrary sql query execution.

**Name of the Vulnerable Software and Affected Versions** NavigateCMS versions 2.9.4 and below **Description** The issue is related to a sql injection vulnerability in the `templates.php` function, specifically affecting the `template-properties-order` parameter. This vulnerability allows for the execution of arbitrary sql queries in the backend database. The vulnerability is associated with a lack of protection measures for the sql query structure, which can be exploited by a remote attacker to execute arbitrary sql code. **Recommendations** For NavigateCMS versions 2.9.4 and below, consider disabling the `templates.php` function or restricting access to the `template-properties-order` parameter until a patch is available. Avoid using the `template-properties-order` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.