Faisalfs10X

**Name of the Vulnerable Software and Affected Versions** XOS-Shop xos shop system version 1.0.9 **Description** The issue concerns an Arbitrary File Deletion vulnerability. It can be exploited via the `current manufacturer image` parameter to the "/shop/admin/manufacturers.php" API endpoint. **Recommendations** For XOS-Shop xos shop system version 1.0.9, consider restricting access to the `current manufacturer image` parameter in the "/shop/admin/manufacturers.php" endpoint to minimize the risk of exploitation. Avoid using the `current manufacturer image` parameter until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** XOS-Shop xos shop system version 1.0.9 **Description** The issue is related to an Arbitrary File Deletion vulnerability. It can be exploited via the `current manufacturer image` parameter to the "/shop/admin/categories.php" API endpoint. **Recommendations** For XOS-Shop xos shop system version 1.0.9, consider restricting access to the `current manufacturer image` parameter in the "/shop/admin/categories.php" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RiteCMS versions 3.1.0 and below **Description** The issue allows an authenticated attacker to overwrite any file in the web root, as well as any other file on the server that the PHP process user has the proper permissions to write, resulting in remote code execution. This is due to an arbitrary file overwrite via path traversal vulnerability in the Admin Panel. **Recommendations** For versions 3.1.0 and below, update to a version above 3.1.0 to resolve the issue. As a temporary workaround, consider restricting access to the Admin Panel to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** RiteCMS versions 3.1.0 and below **Description** The issue allows an authenticated attacker to upload a PHP file and bypass the .htaccess configuration, which by default denies execution of .php files in the media and files directory. This can be exploited in the admin panel. **Recommendations** For RiteCMS versions 3.1.0 and below, consider restricting access to the admin panel and the file upload functionality until a fix is available. As a temporary workaround, manually enforce the .htaccess configuration to prevent execution of .php files in the media and files directory.

**Name of the Vulnerable Software and Affected Versions** Sourcecodester Online Covid Vaccination Scheduler System version 1.0 **Description** The issue allows for Arbitrary File Upload. The admin panel has an upload function for profile photos, accessible at "http://localhost/scheduler/admin/?page=user". An attacker could upload a malicious file, such as `shell.php`, by setting the `Content-Type` to `image/png`. The attacker can then access the uploaded file, potentially leading to unauthorized access. **Recommendations** For Sourcecodester Online Covid Vaccination Scheduler System version 1.0, consider disabling the profile photo upload function in the admin panel until a fix is available. Restrict access to the "http://localhost/scheduler/admin/?page=user" endpoint to minimize the risk of exploitation. Avoid allowing uploads with mismatched `Content-Type` headers to prevent malicious file uploads.

**Name of the Vulnerable Software and Affected Versions** PEEL Shopping versions prior to 9.4.0.1 **Description** The issue allows remote SQL injection, enabling an unauthenticated user to inject malicious SQL queries and affect the execution of predefined SQL commands. This can be done via the "id" parameter on the "achat/produit details.php?id={SQLi}" endpoint. Upon a successful attack, an attacker can read sensitive data from the database or modify database data. **Recommendations** For PEEL Shopping versions prior to 9.4.0.1, update to version 9.4.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "achat/produit details.php" endpoint to minimize the risk of exploitation. Avoid using the `id` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** CSZ CMS version 1.2.9 **Description** The issue is related to the `unlink()` function in PHP, which can lead to Arbitrary File Deletion when user input affects the path of the file to remove without sufficient sanitization. This can allow a remote attacker to delete arbitrary files. The problem is also associated with resource release errors in the content management system. **Recommendations** For CSZ CMS version 1.2.9, as a temporary workaround, consider restricting access to the `unlink()` function until a patch is available. Additionally, ensure that all user input is properly sanitized to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** phpipam/phpipam versions prior to 1.4.6 **Description** The issue is related to improper access control, which can lead to incorrect authorization. **Recommendations** For versions prior to 1.4.6, update to version 1.4.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** phpipam/phpipam versions prior to 1.4.6 **Description** The issue concerns improper authorization in the phpipam/phpipam GitHub repository. **Recommendations** For versions prior to 1.4.6, update to version 1.4.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** phpipam/phpipam versions prior to 1.4.6 **Description** The issue concerns an Incorrect Privilege Assignment in the phpipam/phpipam GitHub repository. **Recommendations** For versions prior to 1.4.6, update to version 1.4.6 or later to resolve the issue.