Efe Ozel

**Name of the Vulnerable Software and Affected Versions** CoslatV3 versions through 3.1069 **Description** The issue affects CoslatV3, allowing for Command Injection due to a Code Injection vulnerability. This vulnerability is present in the product, which is no longer supported by the vendor. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Neutron IP Camera versions prior to b1130.1.0.1 **Description** The issue is related to a Path Traversal vulnerability, allowing Absolute Path Traversal using '/../filedir'. This enables unauthorized access to files on the system. **Recommendations** For versions prior to b1130.1.0.1, update to a version b1130.1.0.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Saphira Connect versions prior to 9 **Description** The issue is related to an Improper Neutralization of Script-Related HTML Tags in a Web Page, also known as Basic XSS, allowing Reflected XSS. This enables potential attackers to inject malicious scripts into web pages. **Recommendations** For versions prior to 9, update to version 9 or later to resolve the issue. As a temporary workaround, consider restricting user input to prevent malicious script injection until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Saphira Connect versions prior to 9 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions prior to 9, update to version 9 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database queries to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Saphira Connect versions prior to 9 **Description** The issue affects Saphira Connect, allowing Remote Code Inclusion due to an Execution with Unnecessary Privileges vulnerability. **Recommendations** For versions prior to 9, update to version 9 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of Saphira Connect to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Saphira Connect versions prior to 9 **Description** The issue is related to incorrect default permissions in Saphira Connect, allowing privilege escalation. **Recommendations** For versions prior to 9, update to version 9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Saphira Connect versions prior to 9 **Description** The issue is related to an Incorrect Execution-Assigned Permissions vulnerability, which allows Privilege Escalation in Saphira Connect. **Recommendations** For versions prior to 9, update to version 9 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive features or modules in Saphira Connect to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Innosa Probbys versions prior to 2 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions prior to 2, update to version 2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Exagate SYSGuard 3001 versions prior to 3.2.20.0 **Description** The issue is related to an Authentication Bypass by Assumed-Immutable Data vulnerability, which allows for authentication bypass. This vulnerability affects Exagate SYSGuard 3001. **Recommendations** For versions prior to 3.2.20.0, update to version 3.2.20.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TMT Lockcell versions prior to 15 **Description** The issue is related to the reliance on cookies without validation and integrity checking in a security decision, which allows for privilege abuse and authentication bypass. **Recommendations** For versions prior to 15, update to version 15 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TMT Lockcell versions prior to 15 **Description** The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability, which allows Command Injection in TMT Lockcell. **Recommendations** For versions prior to 15, update to version 15 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to prevent command injection until a patch is available.

**Name of the Vulnerable Software and Affected Versions** TMT Lockcell versions prior to 15 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions prior to 15, update to version 15 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** TMT Lockcell versions prior to 15 **Description** The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability, which allows for Authentication Abuse and Authentication Bypass. **Recommendations** For versions prior to 15, update to version 15 or later to resolve the issue.