Nhienit

**Name of the Vulnerable Software and Affected Versions** Microsoft Dynamics 365 Business Central (affected versions not specified) **Description** Weak authentication procedures allow an authorized attacker to elevate privileges locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Apache Airflow Providers Snowflake versions prior to 6.4.0 Description: The issue is related to a Failure to Sanitize Special Elements into a Different Plane, also known as Special Element Injection vulnerability. This vulnerability affects the CopyFromExternalStageToSnowflakeOperator, where sanitation of table and stage parameters was added to prevent SQL injection. Recommendations: For versions prior to 6.4.0, upgrade to version 6.4.0, which fixes the issue. As a temporary workaround, consider adding sanitation to the `table` and `stage` parameters in the `CopyFromExternalStageToSnowflakeOperator` to prevent SQL injection.

**Name of the Vulnerable Software and Affected Versions** Post SMTP plugin for WordPress versions up to and including 3.1.2 **Description** The issue allows authenticated attackers with Administrator-level access and above to perform generic SQL Injection via the `columns` parameter due to insufficient escaping and lack of preparation on the existing SQL query. This enables attackers to append additional SQL queries to extract sensitive information from the database. **Recommendations** For Post SMTP plugin for WordPress versions up to and including 3.1.2, consider updating to a version that includes a fix for this issue, as no specific workaround is provided for these versions. As a temporary mitigation measure, restrict access to the `columns` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WP Job Portal plugin for WordPress versions up to, and including, 2.2.2 **Description** The issue is related to SQL Injection via the `page id` parameter of the `wpjobportal deactivate()` function due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This allows authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. **Recommendations** For versions up to, and including, 2.2.2, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the `wpjobportal deactivate()` function until a patch is available. Avoid using the `page id` parameter in the affected function until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Apache Airflow version 2.10.0 Description: The issue allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. This is related to the example DAG `example inlet event extra.py` shipped with Apache Airflow. It is recommended to review DAGs based on this example and to avoid exposing example DAGs in deployments. Recommendations: For Apache Airflow version 2.10.0, upgrade to version 2.10.1 or later to resolve the issue. If you must expose the example DAGs, consider upgrading as the primary mitigation measure. As a temporary workaround, consider restricting access to the example DAGs until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8110 Description: The issue is related to the file auditing configuration, where the lack of protection of the SQL query structure allows for authenticated SQL injection. This can enable a remote attacker to execute custom queries and gain access to database table records. Recommendations: For versions below 8110, update to a version 8110 or later to resolve the authenticated SQL injection issue in the file auditing configuration. As a temporary workaround, consider restricting access to the file auditing configuration to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8110 Description: The issue is related to a lack of protection of the SQL query structure in the Windows Active Directory management and reporting tool. This can allow a remote attacker to execute custom queries and gain access to database table records. The vulnerability is associated with an authenticated SQL Injection in the attack surface analyzer's dashboard. Recommendations: For Zohocorp ManageEngine ADAudit Plus versions below 8110, update to a version 8110 or later to resolve the issue. As a temporary workaround, consider restricting access to the attack surface analyzer's dashboard until a patch is available. Avoid using the vulnerable SQL query structure in the dashboard until the issue is resolved. At the moment, there is no other information about additional mitigation measures.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine ADAudit Plus versions below 7271 **Description** The issue allows SQL Injection in the lockout history option. Note that non-admin users cannot exploit this vulnerability. **Recommendations** For versions below 7271, update to version 7271 or later to resolve the issue. As a temporary workaround, consider restricting access to the lockout history option to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine ADAudit Plus versions below 7271 **Description** The issue allows SQL injection while getting file server details. **Recommendations** For Zoho ManageEngine ADAudit Plus versions below 7271, update to version 7271 or later to resolve the issue. As a temporary workaround, consider restricting access to the file server details feature until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine ADAudit Plus versions through 7250 **Description** The issue is related to SQL Injection in the report export option. **Recommendations** For Zoho ManageEngine ADAudit Plus versions through 7250, update to a version later than 7250 to resolve the SQL Injection issue in the report export option.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine ADAudit Plus versions through 7250 **Description** The issue allows SQL Injection in the aggregate report feature. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** For versions through 7250, update to a version later than 7250 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Silverstripe silverstripe/framework versions 4.11 and earlier **Description** The issue allows for XSS attacks. A malicious content author could upload a GPX file with a Javascript payload. The payload could then be executed by luring a legitimate user to view the file in a browser with support for GPX files. GPX is an XML-based format used to store GPS data. **Recommendations** For versions 4.11 and earlier, consider disabling the upload of GPX files to the assets area as a temporary workaround until a patch is available. By default, Silverstripe CMS will no longer allow GPX files to be uploaded to the assets area, so ensuring this default setting is in place can help mitigate the risk.