Mrempy

**Name of the Vulnerable Software and Affected Versions** iTop VPN versions up to 4.0.0.1 **Description** A critical vulnerability was found in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler, affecting an unknown functionality. The manipulation leads to denial of service. The attack needs to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For iTop VPN versions up to 4.0.0.1, as a temporary workaround, consider disabling the `ITopVpnCallbackProcess.sys` library until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DigitalPersona FPSensor version 1.0.0.1 **Description** A problematic issue has been found in the processing of the file C:Program Files (x86)FPSensorbinDpHost.exe, leading to an unquoted search path. This issue requires local attacking to be exploited. **Recommendations** For DigitalPersona FPSensor version 1.0.0.1, consider updating to a newer version that addresses the unquoted search path issue, as this would prevent potential exploitation. If no update is available, as a temporary workaround, consider restricting access to the DpHost.exe file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NEXTU NEXT-7004N version 3.0.1 **Description** A problematic issue has been found, affecting an unknown function of the file /boafrm/formFilter of the component POST Request Handler. The manipulation of the argument `url` with the input `<svg onload=alert(1337)>` leads to cross site scripting. It is possible to launch the attack remotely. **Recommendations** For NEXTU NEXT-7004N version 3.0.1, as a temporary workaround, consider restricting access to the `/boafrm/formFilter` file to minimize the risk of exploitation. Avoid using the `url` argument in the affected POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Caton Prime version 2.1.2.51.e8d7225049(202303031001) **Description** A critical issue affects the Ping Handler component, specifically the file "cgi-bin/tools ping.cgi?action=Command", where manipulation of the `Destination` argument leads to command injection. This can be initiated remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Caton Prime version 2.1.2.51.e8d7225049(202303031001), as a temporary workaround, consider restricting access to the "cgi-bin/tools ping.cgi?action=Command" endpoint or disabling the manipulation of the `Destination` argument to minimize the risk of command injection until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Caton CTP Relay Server version 1.2.9 **Description** A critical issue has been found in the API component of the affected software, specifically in the `/server/api/v1/login` endpoint. The manipulation of the `username` and `password` arguments leads to SQL injection. This issue can be exploited remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Caton CTP Relay Server version 1.2.9, as a temporary workaround, consider restricting access to the `/server/api/v1/login` endpoint until a patch is available. Avoid using the `username` and `password` arguments in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ks-soft Advanced Host Monitor versions up to 12.56 **Description** A vulnerability was found in the software, classified as problematic, affecting some unknown functionality of the file C:Program Files (x86)HostMonitorRMA-Winrma active.exe. The manipulation leads to an unquoted search path, allowing an attack to be launched on the local host. **Recommendations** For versions up to 12.56, upgrade to version 12.60 to address this issue. As a temporary workaround, consider restricting access to the file rma active.exe until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** kalcaddle KodExplorer versions up to 4.49 **Description** A problematic issue has been found in the software, affecting some unknown functionality, which leads to cross-site request forgery. The attack can be launched remotely. **Recommendations** For versions up to 4.49, upgrade to version 4.50 to address this issue.

**Name of the Vulnerable Software and Affected Versions** MAXTECH MAX-G866ac version 0.4.1 TBRO 20160314 **Description** A critical vulnerability was found in the Remote Management component, leading to missing authentication. The manipulation can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For MAXTECH MAX-G866ac version 0.4.1 TBRO 20160314, consider disabling the Remote Management component until a patch is available to prevent exploitation. Restrict access to the affected component to minimize the risk of attack. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Royale Event Management System version 1.0 **Description** A problematic issue has been found in the system, affecting an unknown function of the file /royal event/companyprofile.php. The manipulation of the `companyname`, `regno`, `companyaddress`, or `companyemail` arguments leads to cross-site scripting. It is possible to launch the attack remotely. **Recommendations** For SourceCodester Royale Event Management System version 1.0, consider disabling the affected function in the /royal event/companyprofile.php file until a patch is available. Restrict access to the companyprofile.php file to minimize the risk of exploitation. Avoid using the `companyname`, `regno`, `companyaddress`, or `companyemail` arguments in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Royale Event Management System version 1.0 **Description** A critical issue affects the processing of the file /royal event/userregister.php, leading to improper authentication. The attack can be initiated remotely. **Recommendations** For SourceCodester Royale Event Management System version 1.0, consider restricting access to the /royal event/userregister.php file until a patch is available. As a temporary workaround, review and strengthen authentication mechanisms to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Multilaser RE708 RE1200R4GC-2T2R-V3 v3411b MUL029B **Description** A vulnerability was found in the Telnet Service component, which can lead to denial of service when manipulated. The attack may be initiated remotely. This issue affects some unknown processing of the component. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** puppyCMS versions up to 5.1 **Description** A problematic issue has been found in puppyCMS, affecting an unknown part of the file /admin/settings.php. The manipulation of the `site name` argument leads to cross-site scripting. It is possible to initiate the attack remotely. **Recommendations** For puppyCMS versions up to 5.1, consider restricting access to the /admin/settings.php file until a patch is available. As a temporary workaround, avoid using the `site name` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** TP-Link TL-WR740N (affected versions not specified) **Description** A problematic vulnerability has been found in the ARP Handler component, leading to resource consumption when manipulated. The attack must be carried out within the local network. The issue is related to the implementation of the Address Resolution Protocol (ARP) in the TP-Link TL-WR740N router's firmware, which can cause uncontrolled resource consumption. This could allow an attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TEM FLEX-1085 version 1.6.0 **Description** A critical issue has been discovered, affecting an unknown function of the file /sistema/flash/reboot. This issue leads to denial of service and can be exploited remotely. **Recommendations** For TEM FLEX-1085 version 1.6.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** School Club Application System version 1.0 **Description** A problematic issue has been found in the School Club Application System, affecting access to the "/scas/admin/" endpoint. The manipulation of the `page` parameter with a specific input leads to a reflected cross-site scripting issue. This can be initiated remotely without requiring any form of authentication. The issue has been publicly disclosed. **Recommendations** For School Club Application System version 1.0, consider restricting access to the "/scas/admin/" endpoint until a fix is available. As a temporary workaround, avoid using the `page` parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** School Club Application System version 1.0 **Description** A critical issue was found in the system, affecting requests to the "/scas/classes/Users.php?f=save user" endpoint. The manipulation with a POST request leads to privilege escalation. The attack can be initiated remotely and does not require authentication. **Recommendations** For School Club Application System version 1.0, as a temporary workaround, consider restricting access to the "/scas/classes/Users.php?f=save user" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SAP Information System version 1.0 **Description** A critical issue was found, allowing an unauthenticated attacker to create a new admin account for the web application with a simple POST request to the "add admin.php" file, located at the "/SAP Information System/controllers/" endpoint. **Recommendations** For SAP Information System version 1.0, restrict access to the "/SAP Information System/controllers/add admin.php" endpoint to prevent unauthorized admin account creation until a fix is available.

**Name of the Vulnerable Software and Affected Versions** SourceCodester One Church Management System version 1.0 **Description** A critical issue was found in the system, affecting an unknown functionality of the file /one church/userregister.php. This issue leads to authentication bypass and can be exploited remotely. **Recommendations** For SourceCodester One Church Management System version 1.0, consider restricting access to the /one church/userregister.php file until a patch is available. As a temporary workaround, avoid using the user registration functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microfinance Management System (affected versions not specified) **Description** A critical issue has been discovered, allowing for SQL injection through the manipulation of arguments such as `customer type number`, `account number`, `account status number`, and `account type number`. This can be achieved by providing a specific input, for example, `' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc`, enabling a remote attack. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Microfinance Management System version 1.0 **Description** A critical issue affects the file /mims/login.php of the Login Page. The manipulation of the argument `username`/`password` with the input '||1=1#' leads to sql injection. The attack may be initiated remotely. **Recommendations** For SourceCodester Microfinance Management System version 1.0, consider disabling the login functionality in the /mims/login.php file until a patch is available. Restrict access to the `username` and `password` arguments to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.