H0J3N

**Name of the Vulnerable Software and Affected Versions** Masa CMS versions 7.2.0 through 7.2.9 Masa CMS versions 7.3.0 through 7.3.14 Masa CMS versions 7.4.0 through 7.4.9 Masa CMS versions 7.5.0 through 7.5.2 **Description** The unauthenticated JSON API accepts an `altTable` parameter that is stored via the `setAltTable()` method without validation or sanitization. This value is injected directly into a SQL FROM clause within feedGateway.cfc. An unauthenticated attacker can pass an arbitrary subquery into the `altTable` parameter to read sensitive data from any table in the database in a single HTTP request, including administrative credentials and password reset tokens. **Recommendations** Update versions 7.2.0 through 7.2.9 to 7.2.10. Update versions 7.3.0 through 7.3.14 to 7.3.15. Update versions 7.4.0 through 7.4.9 to 7.4.10. Update versions 7.5.0 through 7.5.2 to 7.5.3. Apply validation to the `setAltTable()` function in core/mura/content/feed/feedBean.cfc to restrict input to simple alphanumeric table names. Disable the JSON API if it is not required.

Name of the Vulnerable Software and Affected Versions: bdthemes ZoloBlocks versions through 2.3.2 Description: An improper control of filename for include/require statement exists in bdthemes ZoloBlocks, allowing for PHP Local File Inclusion. This issue is related to a PHP Remote File Inclusion vulnerability. Recommendations: Update to a version beyond 2.3.2.

**Name of the Vulnerable Software and Affected Versions** DIFY versions prior to 1.3.0 **Description** A clickjacking issue was found in the default setup of the DIFY application, allowing malicious actors to trick users into clicking on elements of the web page without their knowledge or consent. This can lead to unauthorized actions being performed, potentially compromising the security and privacy of users. **Recommendations** For versions prior to 1.3.0, update to version 1.3.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Dify versions prior to 0.6.12 **Description** The issue concerns an access control flaw in Dify, an open-source LLM app development platform. This flaw allows non-admin users to make unauthorized access and changes to APPs, despite the web UI of APP orchestration not being presented to normal users. **Recommendations** For versions prior to 0.6.12, update to version 0.6.12 to resolve the issue. As a temporary workaround, consider updating the access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can access Orchestration of the APPs.

**Name of the Vulnerable Software and Affected Versions** Dify versions 0.6.8 and prior **Description** A vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in "/export" should only allow administrator users to export DSL. **Recommendations** For versions 0.6.8 and prior, update the access control mechanisms to enforce stricter user role permissions and implement role-based access controls (RBAC) to ensure that only users with admin privileges can export the APP DSL. Update to version 0.6.13 to fix the vulnerability.

Name of the Vulnerable Software and Affected Versions: Axeptio versions n/a through 2.5.3 Description: The issue affects Axeptio, allowing PHP Local File Inclusion due to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion'. Recommendations: For Axeptio versions n/a through 2.5.3, update to a version later than 2.5.3 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cities Shipping Zones for WooCommerce versions 1.2.7 and earlier **Description** The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, which allows PHP Local File Inclusion. This vulnerability can be exploited to access files outside the intended directory. **Recommendations** For versions 1.2.7 and earlier, update to a version later than 1.2.7 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.