Naviwebs · Naviwebs Navigate Cms · CVE-2021-36454
**Name of the Vulnerable Software and Affected Versions**
Naviwebs Navigate Cms version 2.9
**Description**
Navigate CMS 2.9 contains a Cross Site Scripting (XSS) vulnerability reachable through the `navigate-quickse` request parameter. The parameter value is processed by the `initial_url` function and ends up in the generated page without sufficient output encoding, so an attacker who gets a user to open a crafted URL can execute script in that user's browser in the context of the CMS. Because `initial_url` is built into many of the CMS's PHP files, each of the following is an affected entry point: backups/backups.php, blocks/blocks.php, brands/brands.php, comments/comments.php, coupons/coupons.php, feeds/feeds.php, functions/functions.php, items/items.php, menus/menus.php, orders/orders.php, payment_methods/payment_methods.php, products/products.php, profiles/profiles.php, shipping_methods/shipping_methods.php, templates/templates.php, users/users.php, webdictionary/webdictionary.php, websites/websites.php and webusers/webusers.php.
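The following PHP is an added illustration of the bug class described above, not code from Navigate CMS: the function names `quicksearch_link_vulnerable` and `quicksearch_link_fixed`, the page fragment they build, and the self-check at the bottom are assumptions made for the example. It shows the `navigate-quickse` value reflected raw into HTML, the same reflection with context-appropriate encoding, and a check that reports whether a canary payload survives unencoded.

```php
<?php
// Added example (not Navigate CMS code). Demonstrates the reflected-XSS
// pattern behind this advisory: a request parameter copied into HTML output
// without encoding, alongside the hardened form. Function names and the
// generated markup are assumptions for illustration only.

// Vulnerable: the raw request value is concatenated into an attribute and
// into element text. A value such as "><script>alert(1)</script> closes the
// attribute and injects markup.
function quicksearch_link_vulnerable(array $request): string
{
    $q = $request['navigate-quickse'] ?? '';
    return '<a href="?navigate-quickse=' . $q . '">' . $q . '</a>';
}

// Hardened: encode for each output context separately.
//  - the query-string component is URL-encoded with rawurlencode()
//  - the attribute value and the element text are HTML-encoded with
//    htmlspecialchars(); ENT_QUOTES neutralises both ' and " so the value
//    cannot break out of a quoted attribute
function quicksearch_link_fixed(array $request): string
{
    $q    = (string) ($request['navigate-quickse'] ?? '');
    $href = '?navigate-quickse=' . rawurlencode($q);
    $flags = ENT_QUOTES | ENT_HTML5;
    return '<a href="' . htmlspecialchars($href, $flags, 'UTF-8') . '">'
         . htmlspecialchars($q, $flags, 'UTF-8') . '</a>';
}

// Check used when verifying a fix: does the canary survive into the response
// body unencoded? A literal match means the sink is still exploitable.
function reflects_unencoded(string $html, string $canary): bool
{
    return strpos($html, $canary) !== false;
}

// Self-check with a constructed request (run: php this_file.php).
$canary  = '"><script>alert(1)</script>';
$request = ['navigate-quickse' => $canary];

$vulnOut  = quicksearch_link_vulnerable($request);
$fixedOut = quicksearch_link_fixed($request);

echo 'vulnerable output: ' . $vulnOut . PHP_EOL;
echo 'hardened output:   ' . $fixedOut . PHP_EOL;
echo 'vulnerable reflects canary: ' . (reflects_unencoded($vulnOut, $canary) ? 'yes' : 'no') . PHP_EOL;
echo 'hardened reflects canary:   ' . (reflects_unencoded($fixedOut, $canary) ? 'yes' : 'no') . PHP_EOL;
```

Encoding must match the sink: `htmlspecialchars()` is correct for HTML text and quoted attributes, but if the value is placed inside a `<script>` block it needs `json_encode()` with the `JSON_HEX_TAG` style flags, and if it feeds an HTTP redirect the scheme and host should be validated rather than encoded. When testing a live instance, send the canary in `navigate-quickse` to each affected file and apply the same literal-match check to the response body.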
**Recommendations**
For Navigate CMS 2.9, upgrade to a fixed release as soon as the vendor provides one. Until then, make sure the value of the `navigate-quickse` parameter is encoded for the context in which it is output (HTML-encoded with `htmlspecialchars` and `ENT_QUOTES` for page content and attributes, URL-encoded where it becomes part of a URL) before the `initial_url` function or its callers emit it. Restrict access to the affected PHP files, for example by allowing the administration interface only from trusted networks or behind additional authentication, to reduce the exposure. Disabling the `initial_url` function is a possible last-resort workaround, but since it is built into all of the listed files it is likely to break those pages, so test the effect before relying on it.