Liao10086

Name of the Vulnerable Software and Affected Versions: ThinkPHP50-CMS version 1.0 Description: The issue is related to a remote code execution (RCE) vulnerability in the component /public/?s=captcha. Recommendations: For ThinkPHP50-CMS version 1.0, as a temporary workaround, consider disabling the /public/?s=captcha component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PHPMyWind version 5.6 Description: The issue allows remote attackers to execute arbitrary code. This is achieved via the component 'admin/upload file do.php', which is vulnerable to unrestricted file upload. Recommendations: For PHPMyWind version 5.6, consider disabling the 'admin/upload file do.php' component until a patch is available to prevent remote attackers from executing arbitrary code. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Wuzhi CMS version 4.1.0 Description: The issue allows remote attackers to obtain sensitive information via the `flag` parameter in the component "/coreframe/app/order/admin/index.php". This is a SQL Injection issue that can be exploited by attackers to gain access to sensitive data. Recommendations: For Wuzhi CMS version 4.1.0, consider restricting access to the "/coreframe/app/order/admin/index.php" component to minimize the risk of exploitation. Avoid using the `flag` parameter in this component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Bludit version 3.8.1 Description: The issue allows remote attackers to execute arbitrary code by uploading malicious files via the component 'bl-kereln/ajax/upload-logo.php'. This is an instance of an unrestricted file upload, which can be exploited to gain unauthorized access and control. Recommendations: For Bludit version 3.8.1, consider disabling the 'bl-kereln/ajax/upload-logo.php' component until a patch is available to prevent the upload of malicious files. Restrict access to this component to minimize the risk of exploitation. Avoid using this component for file uploads until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PHPMyWind version 5.6 Description: The issue allows remote attackers to execute arbitrary code via the "text color" field of the component "/admin/web config.php". Recommendations: For PHPMyWind version 5.6, consider disabling access to the "/admin/web config.php" component until a patch is available. Restrict input for the "text color" field to prevent command injection.

Name of the Vulnerable Software and Affected Versions: Online Book Store version 1.0 Description: The issue is related to an Arbitrary File Upload vulnerability, which may lead to remote code execution. This vulnerability is present in the admin add.php file. Recommendations: For Online Book Store version 1.0, consider restricting access to the admin add.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the file upload functionality in the admin add.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Online Book Store version 1.0 Description: The issue allows a remote malicious user to execute arbitrary code via SQL Injection in the `publisher` parameter to the "edit book.php" API endpoint. This could potentially lead to unauthorized access and data manipulation. Recommendations: For Online Book Store version 1.0, consider restricting access to the `edit book.php` endpoint until a patch is available, and avoid using the `publisher` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Online Book Store version 1.0 Description: The issue allows a remote malicious user to execute arbitrary code via SQL Injection in the `isbn` parameter to the "edit book.php" endpoint. This could potentially lead to unauthorized access and data manipulation. Recommendations: For Online Book Store version 1.0, consider restricting access to the `edit book.php` endpoint until a patch is available, and avoid using the `isbn` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Online Book Store version 1.0 Description: The issue allows a remote malicious user to execute arbitrary code via SQL Injection in the `pubid` parameter to "bookPerPub.php". This could potentially lead to unauthorized access and data manipulation. Recommendations: For Online Book Store version 1.0, consider restricting access to the "bookPerPub.php" endpoint until a patch is available. As a temporary workaround, avoid using the `pubid` parameter in the affected endpoint to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Online Book Store version 1.0 Description: The issue allows a remote malicious user to execute arbitrary code via SQL Injection in the `bookisbn` parameter to the "book.php" endpoint. This could potentially lead to unauthorized access and data manipulation. Recommendations: For Online Book Store version 1.0, consider restricting access to the `bookisbn` parameter in the "book.php" endpoint until a patch is available. As a temporary workaround, avoid using the `bookisbn` parameter to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Online Book Store version 1.0 Description: The issue is related to an Incorrect Access Control vulnerability. It could allow a remote malicious user to bypass authentication and obtain sensitive information via the admin verify.php endpoint. Recommendations: For Online Book Store version 1.0, consider restricting access to the `admin verify.php` endpoint until a proper fix is applied to prevent unauthorized access.

Name of the Vulnerable Software and Affected Versions: Online Book Store version 1.0 Description: The issue allows a remote malicious user to execute arbitrary code via SQL Injection in the `bookisbn` parameter to the "admin delete.php" API endpoint. This could potentially lead to unauthorized access and data manipulation. Recommendations: For Online Book Store version 1.0, consider restricting access to the `admin delete.php` endpoint until a patch is available, and avoid using the `bookisbn` parameter in this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Online Book Store version 1.0 **Description** The issue is related to a SQL Injection vulnerability in the admin edit.php script, specifically via the `bookisbn` parameter. This could allow a remote malicious user to execute arbitrary code. The vulnerability is due to inadequate protection of the SQL query structure when handling the `bookisbn` parameter. **Recommendations** For Online Book Store version 1.0, consider disabling access to the admin edit.php script or restricting the use of the `bookisbn` parameter until a patch is available. Additionally, ensure proper input validation and sanitization for the `bookisbn` parameter to prevent SQL injection attacks.

**Name of the Vulnerable Software and Affected Versions** Elefant CMS versions prior to 2.0.7 **Description** The issue is related to a PHP Code Execution Vulnerability. It can be exploited through the `/designer/add/stylesheet.php` endpoint by using a `.php` extension in the `New Stylesheet Name` field in conjunction with `<?php` content. This is due to insufficient input validation in `apps/designer/handlers/csspreview.php`. **Recommendations** For versions prior to 2.0.7, update to version 2.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/designer/add/stylesheet.php` endpoint or disabling the `apps/designer/handlers/csspreview.php` handler until a patch is available. Avoid using the `.php` extension in the `New Stylesheet Name` field to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Elefant CMS versions prior to 2.0.7 **Description** The issue concerns a PHP Code Execution Vulnerability. It can be exploited by using the `/filemanager/api/rm/.htaccess` endpoint to remove the .htaccess file, and then using a filename that ends in .php followed by space characters to bypass the blacklist. This vulnerability is present in the `apps/filemanager/upload/drop.php` file. **Recommendations** For Elefant CMS versions prior to 2.0.7, update to version 2.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/filemanager/api/rm/.htaccess` endpoint and the `apps/filemanager/upload/drop.php` file to minimize the risk of exploitation. Avoid using filenames that end in .php followed by space characters in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** GetSimple CMS version 3.4.0.9 **Description** The issue concerns a Cross-Site Scripting (XSS) flaw. It can be exploited via the `title` field in the `admin/edit.php` endpoint. **Recommendations** For GetSimple CMS version 3.4.0.9, avoid using the `title` field in the `admin/edit.php` endpoint until a fix is available. As a temporary workaround, consider restricting access to the `admin/edit.php` endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Pluck versions prior to 4.7.7-dev2 **Description** An issue was discovered that allows remote attackers to upload and execute arbitrary PHP code. This is achieved by using the image/jpeg content type for a .htaccess file in the /data/inc/images.php endpoint. **Recommendations** For versions prior to 4.7.7-dev2, update to version 4.7.7-dev2 or later to resolve the issue. As a temporary workaround, consider restricting access to the /data/inc/images.php endpoint to minimize the risk of exploitation. Avoid using the image/jpeg content type for uploading files until the issue is resolved.