Hiro

**Name of the Vulnerable Software and Affected Versions** Daptin version 0.10.3 **Description** A flaw exists in Daptin version 0.10.3 within the Aggregate API component. Specifically, the `goqu.L` function in the `server/resource/resource aggregate.go` file is susceptible to SQL injection. The issue arises from the manipulation of the `column`, `group`, or `order` arguments. This issue can be exploited remotely. The exploit is publicly available. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** go-sonic versions up to 1.1.4 **Description** A server-side request forgery issue exists in the Theme Fetching API of go-sonic. The flaw is located in the `FetchTheme` function within the `service/theme/git fetcher.go` file. Manipulation of the `uri` argument can lead to server-side request forgery, and the attack can be launched remotely. The exploit has been published. **Recommendations** Versions prior to 1.1.4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Uasoft badaso versions up to 2.9.7 **Description** A security issue exists in Uasoft badaso up to version 2.9.7 related to weak password recovery. The `forgetPassword` function within the `src/Controllers/BadasoAuthController.php` file of the Token Handler component is affected. This manipulation can be executed remotely and is characterized by high complexity, though exploitability is considered difficult. The exploit has been publicly disclosed, and the vendor was notified but did not respond. **Recommendations** Versions prior to 2.9.7 should be updated. As a temporary workaround, consider restricting access to the `forgetPassword` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Kohana KodiCMS versions through 13.82.135 **Description** A flaw exists in Kohana KodiCMS that could allow for remote code execution. The issue stems from the manipulation of the `keyword` argument within the `like` function located in the file cms/modules/pages/classes/kodicms/model/page.php, specifically within the Search API Endpoint. This can lead to SQL injection. The exploit for this issue is publicly available. The vendor was notified but did not respond. **Recommendations** Versions prior to 13.82.135 should be used. As a temporary workaround, consider restricting access to the Search API Endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** iCMS versions up to 8.0.0 **Description** A code injection issue exists in iCMS due to manipulation of the `config` argument within the `Save` function located in the file app/config/ConfigAdmincp.php, part of the POST Parameter Handler component. This allows for remote attacks. The exploit is publicly available, and the vendor was notified but did not respond. **Recommendations** Versions prior to 8.0.0 should be updated.

**Name of the Vulnerable Software and Affected Versions** Kohana KodiCMS versions prior to 13.82.135 **Description** A security issue exists in Kohana KodiCMS. The `Save` function within the file `cms/modules/kodicms/classes/kodicms/model/file.php` of the Layout API Endpoint is affected. Manipulation of the `content` argument can lead to code injection. This attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** Update Kohana KodiCMS to a version later than 13.82.135.

**Name of the Vulnerable Software and Affected Versions** FeehiCMS versions up to 2.1.1 **Description** A server-side request forgery condition exists in FeehiCMS due to manipulation of the `src` argument within an unknown function of the `frontend/web/timthumb.php` file of the TimThumb component. This allows for remote exploitation. The exploit has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** Versions prior to 2.1.1 should be updated.

**Name of the Vulnerable Software and Affected Versions** CouchCMS versions up to 2.4 **Description** A security issue exists in CouchCMS related to the reCAPTCHA Handler component. The issue resides in an unknown function within the `couch/config.example.php` file. Manipulation of the arguments `K RECAPTCHA SITE KEY` and `K RECAPTCHA SECRET KEY` can lead to the use of a hard-coded cryptographic key. This attack can be launched remotely and is characterized by high complexity, though exploitability is considered difficult. The exploit for this issue has been publicly released and may be exploited. Reports indicate offensive activities targeting this vulnerability. **Recommendations** Versions prior to 2.4 should be updated.

**Name of the Vulnerable Software and Affected Versions** N-Media Frontend File Manager versions through 23.2 **Description** An authorization issue exists in N-Media Frontend File Manager due to incorrectly configured access control security levels. This allows for exploitation of the system. **Recommendations** Update N-Media Frontend File Manager to a version later than 23.2.

**Name of the Vulnerable Software and Affected Versions** Ninja Charts versions through 3.3.2 **Description** A vulnerability exists in Mahmudul Hasan Arif Ninja Charts that allows retrieval of embedded sensitive data, leading to exposure of sensitive system information to an unauthorized control sphere. **Recommendations** Update Ninja Charts to a version later than 3.3.2.

**Name of the Vulnerable Software and Affected Versions** Surfer versions through 1.6.4.574 **Description** A missing authorization issue exists in Surfer, allowing exploitation of incorrectly configured access control security levels. **Recommendations** Update Surfer to a version later than 1.6.4.574.

Name of the Vulnerable Software and Affected Versions: miniOrange Custom API for WP versions through 4.2.2 Description: The software contains an improper neutralization of special elements used in an SQL command, leading to a SQL injection issue. This allows for SQL injection attacks. Recommendations: Update miniOrange Custom API for WP to a version later than 4.2.2.

Name of the Vulnerable Software and Affected Versions: Webba Booking versions through 5.1.20 Description: A missing authorization flaw exists in Webba Appointment Booking Webba Booking, allowing exploitation of incorrectly configured access control security levels. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: miniOrange Custom API for WP versions through 4.2.2 Description: An incorrect privilege assignment issue in miniOrange Custom API for WP allows privilege escalation. Recommendations: Update miniOrange Custom API for WP to a version later than 4.2.2.

Name of the Vulnerable Software and Affected Versions: Dejan Jasnic Trusty Whistleblowing versions 1.5.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For Dejan Jasnic Trusty Whistleblowing versions 1.5.2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: App Cheap App Builder versions through 5.5.3 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For App Cheap App Builder versions through 5.5.3, update to a version later than 5.5.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Suhas Surse WP Employee Attendance System versions 3.5 and earlier **Description** The issue is related to an SQL Injection vulnerability, specifically Improper Neutralization of Special Elements used in an SQL Command. This allows for Blind SQL Injection, which can be exploited. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For Suhas Surse WP Employee Attendance System versions 3.5 and earlier, update to a version that contains a fix for this issue, as no specific workaround or mitigation measures are provided in the given information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Taskbuilder versions 4.0.3 and earlier **Description** The issue is related to a Missing Authorization vulnerability in Taskbuilder, which allows accessing functionality not properly constrained by ACLs. **Recommendations** For Taskbuilder versions 4.0.3 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** weblizar HR Management Lite versions prior to 3.3 **Description** The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to perform unauthorized actions on a user's account. **Recommendations** For versions prior to 3.3, update to version 3.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Elastic Email Subscribe Form versions 1.2.2 and earlier **Description** The issue is related to a Missing Authorization vulnerability in the Elastic Email Subscribe Form, which allows exploitation due to incorrectly configured access control security levels. **Recommendations** For Elastic Email Subscribe Form versions 1.2.2 and earlier, update to a version that includes the necessary security patches to fix the Missing Authorization vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.