M3@Pandas

**Name of the Vulnerable Software and Affected Versions** PHP Scripts Mall Schools Alert Management Script (affected versions not specified) **Description** The issue exists due to SQL Injection in the PHP Scripts Mall Schools Alert Management Script. Specifically, the vulnerability is exploitable via the `q` parameter in the "get sec.php" endpoint. **Recommendations** For PHP Scripts Mall Schools Alert Management Script, avoid using the `q` parameter in the "get sec.php" endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHP Scripts Mall Schools Alert Management Script (affected versions not specified) **Description** The issue allows for Arbitrary File Deletion via the `img` parameter in the "delete img.php" endpoint by utilizing directory traversal. **Recommendations** For PHP Scripts Mall Schools Alert Management Script, consider restricting access to the `delete img.php` endpoint until a patch is available. As a temporary workaround, avoid using the `img` parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHP Scripts Mall Schools Alert Management Script (affected versions not specified) **Description** The issue allows for Arbitrary File Read via the `f` parameter in the "img.php" endpoint. This is achieved through absolute path traversal, enabling access to files outside the intended directory. **Recommendations** For PHP Scripts Mall Schools Alert Management Script, consider restricting access to the `img.php` endpoint until a fix is available. As a temporary workaround, avoid using the `f` parameter in the "img.php" endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHP Scripts Mall Schools Alert Management Script (affected versions not specified) **Description** The issue concerns SQL Injections in PHP Scripts Mall Schools Alert Management Script. Specifically, the vulnerability exists via crafted POST data in various PHP files, including `contact us.php`, `faq.php`, `about.php`, `photo gallery.php`, and `privacy.php`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NUUO NVRmini 2 (affected versions not specified) **Description** The issue concerns the upload.php file on NUUO NVRmini 2 devices, which allows for arbitrary file upload. This includes the upload of .php files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** dotCMS version 4.1.1 **Description** The issue allows remote authenticated administrators to upload arbitrary files, including .jsp files, to any location on the server. This is achieved through directory traversal sequences in the `fieldName` parameter to the 'servlets/ajax file upload' endpoint. As a result, arbitrary code can be executed by requesting the uploaded .jsp file at a /assets URI. **Recommendations** For dotCMS version 4.1.1, consider restricting access to the 'servlets/ajax file upload' endpoint to prevent arbitrary file uploads until a patch is available. Additionally, restrict the `fieldName` parameter to prevent directory traversal sequences. As a temporary workaround, consider disabling the AjaxFileUploadServlet to minimize the risk of exploitation.