Jeroen

**Name of the Vulnerable Software and Affected Versions** Content Timeline plugin version 4.4.2 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `timeline` parameter in the "content timeline class.php" file, or the `id` parameter to the "pages/content timeline edit.php" or "pages/content timeline index.php" pages. **Recommendations** For Content Timeline plugin version 4.4.2, update to a version that fixes the SQL injection vulnerabilities. As a temporary workaround, consider restricting access to the `content timeline class.php`, `pages/content timeline edit.php`, and `pages/content timeline index.php` pages to minimize the risk of exploitation. Avoid using the `timeline` and `id` parameters in the affected pages until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Seagate BlackArmor NAS 220 version sg2000-2000.1331 **Description** The issue affects the Seagate BlackArmor NAS 220 devices, allowing remote attackers to hijack the authentication of administrators. This can be achieved through multiple cross-site request forgery (CSRF) vulnerabilities for various actions, including adding user accounts via a crafted request to "admin/access control user add.php", modifying or deleting user accounts, performing a factory reset, rebooting the device, or adding, modifying, or deleting shares and volumes. **Recommendations** For Seagate BlackArmor NAS 220 version sg2000-2000.1331, consider disabling access to the "admin/access control user add.php" endpoint until a patch is available. Restrict access to user account modification and deletion functions to minimize the risk of exploitation. Avoid using the device's factory reset, reboot, and share and volume management features until the issue is resolved. As a temporary workaround, limit administrative access to the device to prevent potential hijacking of authentication. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Seagate BlackArmor NAS 220 version sg2000-2000.1331 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the `fullname` parameter to "admin/access control user edit.php" and the `workname` parameter to "admin/network workgroup domain.php" are vulnerable. **Recommendations** For version sg2000-2000.1331, avoid using the `fullname` parameter in the "admin/access control user edit.php" and the `workname` parameter in the "admin/network workgroup domain.php" until the issue is resolved. As a temporary workaround, consider restricting access to these parameters to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Technicolor TC7200 version STD6.01.12 **Description** The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities allow remote attackers to hijack the authentication of administrators for various requests, including performing a factory reset via a request to "goform/system/factory", disabling advanced options via a request to "goform/advanced/options", removing ip-filters via the `IpFilterAddressDelete1` parameter to "goform/advanced/ip-filters", or removing firewall settings via the `cbFirewall` parameter to "goform/advanced/firewall". **Recommendations** For Technicolor TC7200 version STD6.01.12, as a temporary workaround, consider restricting access to the "goform/system/factory", "goform/advanced/options", "goform/advanced/ip-filters", and "goform/advanced/firewall" endpoints until a patch is available. Avoid using the `IpFilterAddressDelete1` and `cbFirewall` parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PEAR HTML QuickForm Controller version 1.0.4 **Description** The issue allows remote attackers to obtain the session ID via an HTTP Referer field and possibly other vectors, because the Next action includes the SID in the URL even when session.use only cookies is configured. **Recommendations** For PEAR HTML QuickForm Controller version 1.0.4, consider disabling the use of the SID in URLs as a temporary workaround until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.