Leeyangee

**Name of the Vulnerable Software and Affected Versions** ShuiZe 0x727 version 1.0 **Description** A remote command execution issue was found in the component /iniFile/config.ini, allowing for potential exploitation. **Recommendations** For ShuiZe 0x727 version 1.0, consider restricting access to the /iniFile/config.ini component to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** TwoNav version 2.0.28-20230624 **Description** The issue is related to Cross Site Scripting (XSS). **Recommendations** For version 2.0.28-20230624, consider disabling any features that may facilitate XSS attacks until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xalpha version 0.11.4 **Description** The issue concerns Remote Command Execution (RCE) due to improper validation of user input, which is not checked to ensure it contains numerical values before being evaluated. **Recommendations** For xalpha version 0.11.4, ensure that user input is properly validated to prevent RCE attacks, specifically by checking that input values are numerical before evaluation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.