Lianghao-Chuo

#19245 of 53,639
13.8 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2024-26242
7.5
2024-05-16
Flyfish · Flyfish · CVE-2024-34905
**Name of the Vulnerable Software and Affected Versions**
FlyFish version 3.0.0

**Description**
The issue is a buffer overflow via the `password` parameter on the login page, allowing attackers to cause a Denial of Service (DoS) via a crafted input. This can potentially lead to system compromise.

**Recommendations**
For FlyFish version 3.0.0, patch immediately and monitor login activity closely to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the login page or disabling the password parameter until a patch is available.
PT-2024-26243
6.3
2024-05-15
Dootask · Dootask · CVE-2024-34906
**Name of the Vulnerable Software and Affected Versions**
dootask version 0.30.13

**Description**
The issue allows attackers to execute arbitrary code via uploading a crafted PDF file, exploiting an arbitrary file upload vulnerability.

**Recommendations**
For dootask version 0.30.13, update to a version that fixes the arbitrary file upload vulnerability to prevent attackers from executing arbitrary code.